Skip Menu |

This queue is for tickets about the XML-Parser CPAN distribution.

Report information
The Basics
Id: 54747
Status: resolved
Priority: 0/
Queue: XML-Parser

People
Owner: Nobody in particular
Requestors:
Cc:
AdminCc:

Bug Information
Severity: Unimportant
Broken in: 2.36
Fixed in: (no value)



Subject: FYI RHEL5's expat (1.95.8-8.3.el5_4.2), external DTD test failures
Hello and Thanks for XML::Parser, This is not a bug report for XML::Parser, but something that might look like one. If you are on RHEL5 and have expat-1.95.8-8.3.el5_4.2 as part of http://rhn.redhat.com/errata/RHSA-2009-1625.html, see the links in the errata for the CVE's and bugzilla. XML-Parser-2.34 (and 2.36) tests will fail with: t/decl.t 1..30 ok 1 syntax error at line 14, column 3, byte 214: %ext; <![%bar;[ ==^ <!ATTLIST bar xyz (a|b|c) 'b'> ]]> error in processing external entity reference at line 21, column 3, byte 3161: <!ELEMENT bar ANY> <!ATTLIST bar big CDATA 'This is a large string value to test whether the declaration parser still works when the entity or attribute default value may be broken into multiple calls to the default handler. 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 01234567890123456789012345678901234567890123456789012345678901234567890123456789 '> ]> ==^ <foo/> at /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/XML/Parser.pm line 187 and also t/parament.t 1..12 ok 1 error in processing external entity reference at line 8, column 0, byte 173: <!ENTITY more SYSTEM "t/ext2.ent"> ] Show quoted text
>
^ <foo>Happy, happy <bar>&joy;, &joy;</bar> at /usr/lib64/perl5/vendor_perl/5.8.8/x86_64-linux-thread-multi/XML/Parser.pm line 187 This fails with RH's perl-XML-Parser (perl-XML-Parser-2.34-6.1.2.2.1), and when building 2.34 or 2.36 from CPAN src distribution. From what I have read, there was an issue introduced with the expat changes for the CVE's, this was subsequently fixed in expat, but has not made it yet into RH's expat. I think this is the open bug: https://bugzilla.redhat.com/show_bug.cgi?id=556415 Also see: http://mail.libexpat.org/pipermail/expat-discuss/2009-December/thread.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561658 http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166 http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?view=log#rev1.166 http://expat.cvs.sourceforge.net/viewvc/expat/expat/lib/xmlparse.c?r1=1.164&r2=1.166&view=patch Cheers, Peter (Stig) Edwards
Ticket migrated to github as https://github.com/toddr/XML-Parser/issues/51