- Fixed bug #53021 (In html_entity_decode, failure to convert numeric entities with...

diff --git a/NEWS b/NEWS
index e7388dfaa58cc9d5d7e3b1d629b9f65f560ff24b..fc8015e99392693447a8d2df2c7cf080d3cafe83 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,8 @@
 - Fixed possible crash in mssql_fetch_batch(). (Kalle)
 - Fixed inconsistent backlog default value (-1) in FPM on many systems. (fat)
 
+- Fixed bug #53021 (In html_entity_decode, failure to convert numeric entities
+  with ENT_NOQUOTES and ISO-8859-1) (Gustavo).
 - Fixed bug #52981 (Unicode casing table was out-of-date. Updated with
   UnicodeData-6.0.0d7.txt and included the source of the generator program with
   the distribution) (Gustavo).

diff --git a/ext/standard/html.c b/ext/standard/html.c
index e5891588a7080d91ed3fe4e178ddc3e65dbff80a..79474216b602806f0a4eba32c2a090c905d77ad5 100644 (file)
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -1020,7 +1020,12 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
                                                code = strtol(p + 2, &next, 10);
                                        }
 
-                                       if (next != NULL && *next == ';') {
+                                       if (code == 39 && !(quote_style & ENT_HTML_QUOTE_SINGLE) ||
+                                               code == 24 && !(quote_style & ENT_HTML_QUOTE_DOUBLE)) {
+                                               invalid_code = 1;
+                                       }
+
+                                       if (next != NULL && *next == ';' && !invalid_code) {
                                                switch (charset) {
                                                        case cs_utf_8:
                                                                q += php_utf32_utf8(q, code);
@@ -1032,11 +1037,7 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
                                                                if ((code >= 0x80 && code < 0xa0) || code > 0xff) {
                                                                        invalid_code = 1;
                                                                } else {
-                                                                       if (code == 39 || !quote_style) {
-                                                                               invalid_code = 1;
-                                                                       } else {
-                                                                               *(q++) = code;
-                                                                       }
+                                                                       *(q++) = code;
                                                                }
                                                                break;
 

diff --git a/ext/standard/tests/strings/bug53021.phpt b/ext/standard/tests/strings/bug53021.phpt
new file mode 100644 (file)
index 0000000..6f29009
--- /dev/null
+++ b/ext/standard/tests/strings/bug53021.phpt
@@ -0,0 +1,10 @@
+--TEST--\r
+Bug #53021 (Failure to convert numeric entities with ENT_NOQUOTES and ISO-8859-1)\r
+--FILE--\r
+<?php\r
+var_dump(unpack("H*",html_entity_decode("&#233;", ENT_QUOTES, "ISO-8859-1")));\r
+--EXPECT--\r
+array(1) {\r
+  [1]=>\r
+  string(2) "e9"\r
+}\r