Added test for Bug 54446

Init a variable to a default value to avoid issues

diff --git a/ext/xsl/tests/bug54446.phpt b/ext/xsl/tests/bug54446.phpt
new file mode 100644 (file)
index 0000000..d5f4693
--- /dev/null
+++ b/ext/xsl/tests/bug54446.phpt
@@ -0,0 +1,95 @@
+--TEST--
+Bug #54446 (Arbitrary file creation via libxslt 'output' extension)
+--SKIPIF--
+<?php
+if (!extension_loaded('xsl')) die("skip Extension XSL is required\n");
+?>
+--FILE--
+<?php
+include("prepare.inc"); 
+
+$outputfile = dirname(__FILE__)."/bug54446test.txt";
+if (file_exists($outputfile)) {
+    unlink($outputfile);
+}
+
+$sXsl = <<<EOT
+<xsl:stylesheet version="1.0"
+       xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+       xmlns:sax="http://icl.com/saxon"
+       extension-element-prefixes="sax">
+
+       <xsl:template match="/">
+               <sax:output href="$outputfile" method="text">
+                       <xsl:value-of select="'0wn3d via PHP and libxslt ...'"/>
+               </sax:output>
+       </xsl:template>
+
+</xsl:stylesheet>
+EOT;
+
+$xsl->loadXML( $sXsl );
+
+# START XSLT 
+$proc->importStylesheet( $xsl ); 
+
+# TRASNFORM & PRINT 
+print $proc->transformToXML( $dom ); 
+
+
+if (file_exists($outputfile)) {
+    print "$outputfile exists, but shouldn't!\n";
+} else {
+    print "OK, no file created\n";
+}
+
+#SET NO SECURITY PREFS
+ini_set("xsl.security_prefs", XSL_SECPREF_NONE);
+
+# TRASNFORM & PRINT 
+print $proc->transformToXML( $dom ); 
+
+
+if (file_exists($outputfile)) {
+    print "OK, file exists\n";
+} else {
+    print "$outputfile doesn't exist, but should!\n";
+}
+
+unlink($outputfile);
+
+#SET SECURITY PREFS AGAIN
+ini_set("xsl.security_prefs", XSL_SECPREF_WRITE_FILE |  XSL_SECPREF_WRITE_NETWORK | XSL_SECPREF_CREATE_DIRECTORY);
+
+# TRASNFORM & PRINT 
+print $proc->transformToXML( $dom ); 
+
+if (file_exists($outputfile)) {
+    print "$outputfile exists, but shouldn't!\n";
+} else {
+    print "OK, no file created\n";
+}
+
+
+--EXPECTF--
+Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d
+
+Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test.txt refused in %s on line %s
+
+Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d
+
+Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d
+OK, no file created
+OK, file exists
+
+Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %s element output in %s on line %d
+
+Warning: XSLTProcessor::transformToXml(): File write for %s/bug54446test.txt refused in %s on line %s
+
+Warning: XSLTProcessor::transformToXml(): runtime error: file %s line %d element output in %s on line %d
+
+Warning: XSLTProcessor::transformToXml(): xsltDocumentElem: write rights for %s/bug54446test.txt denied in %s on line %d
+OK, no file created
+--CREDITS--
+Christian Stocker, chregu@php.net
+

diff --git a/ext/xsl/xsltprocessor.c b/ext/xsl/xsltprocessor.c
index 980ff5616c3ebcf3e5785bd06c87d8aca63b9688..bba07aaee36a2f07d6af8b7407f87c2c99edaf87 100644 (file)
--- a/ext/xsl/xsltprocessor.c
+++ b/ext/xsl/xsltprocessor.c
@@ -475,7 +475,7 @@ static xmlDocPtr php_xsl_apply_stylesheet(zval *id, xsl_object *intern, xsltStyl
        zval *doXInclude, *member;
        zend_object_handlers *std_hnd;
        FILE *f;
-       int secPrefsError;
+       int secPrefsError = 0;
        int secPrefsIni;
        xsltSecurityPrefsPtr secPrefs = NULL;