fix: do not recognize "&;" as an XML escape sequence

xml_isentity was incorrectly recognizing "&;" as an escape sequence. Despite
vague wording in the standard, it seems fairly clear that &<name>; is only
intended to be a valid escape sequence when <name> is non-empty. Fixes #797.

Note that unfortunately due to #1868, we need to fix this bug four times in
copy-pasted versions of the same function.

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c4e14a568338dc25201905e52e2b7be919a45c92..0ca5e1b8cd796c12444909f0cce52b8cec715cc1 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - HTML parser error with single closing square bracket in table row #1893
 - reference counted strings put the HTML bit in the middle of the reference
   count #1984
+- & escape disappearing #797
 
 ## [2.47.0] - 2021-03-15
 

diff --git a/cmd/smyrna/smyrna_utils.c b/cmd/smyrna/smyrna_utils.c
index d81cbc724730a4bfaf59084749bb002f9f2b257b..15a52125499553f38ed8f1566d4c774dab4010f5 100644 (file)
--- a/cmd/smyrna/smyrna_utils.c
+++ b/cmd/smyrna/smyrna_utils.c
@@ -31,13 +31,16 @@ int mapbool(char *p)
     return atoi(p);
 }
 
-/* return true if *s points to &[A-Za-z]*;      (e.g. Ç )
+/* return true if *s points to &[A-Za-z]+;      (e.g. Ç )
  *                          or &#[0-9]*;        (e.g. & )
  *                          or &#x[0-9a-fA-F]*; (e.g. 水 )
  */
 static int xml_isentity(char *s)
 {
     s++;                       /* already known to be '&' */
+    if (*s == ';') { // '&;' is not a valid entity
+       return 0;
+    }
     if (*s == '#') {
        s++;
        if (*s == 'x' || *s == 'X') {

diff --git a/cmd/tools/gv2gxl.c b/cmd/tools/gv2gxl.c
index 79671f6cd4e3fb13cd182a23bb2136917b3bf0b4..af09d3302d6bec07400ad1af668f04680676e85e 100644 (file)
--- a/cmd/tools/gv2gxl.c
+++ b/cmd/tools/gv2gxl.c
@@ -139,13 +139,16 @@ static int legalGXLName(char *id)
     return 1;
 }
 
-/* return true if *s points to &[A-Za-z]*;      (e.g. Ç )
+/* return true if *s points to &[A-Za-z]+;      (e.g. Ç )
  *                          or &#[0-9]*;        (e.g. & )
  *                          or &#x[0-9a-fA-F]*; (e.g. 水 )
  */
 static int xml_isentity(char *s)
 {
     s++;                       /* already known to be '&' */
+    if (*s == ';') { // '&;' is not a valid entity
+       return 0;
+    }
     if (*s == '#') {
        s++;
        if (*s == 'x' || *s == 'X') {

diff --git a/lib/common/labels.c b/lib/common/labels.c
index cf951f77cda7cdf92946169f5f05ec43c197899a..b327b10a943e6cec85ffe425a3ecb0fc2db40eb3 100644 (file)
--- a/lib/common/labels.c
+++ b/lib/common/labels.c
@@ -399,13 +399,16 @@ char *strdup_and_subst_obj(char *str, void *obj)
     return strdup_and_subst_obj0 (str, obj, 1);
 }
 
-/* return true if *s points to &[A-Za-z]*;      (e.g. Ç )
+/* return true if *s points to &[A-Za-z]+;      (e.g. Ç )
  *                          or &#[0-9]*;        (e.g. & )
  *                          or &#x[0-9a-fA-F]*; (e.g. 水 )
  */
 static int xml_isentity(char *s)
 {
     s++;                       /* already known to be '&' */
+    if (*s == ';') { // '&;' is not a valid entity
+       return 0;
+    }
     if (*s == '#') {
        s++;
        if (*s == 'x' || *s == 'X') {

diff --git a/plugin/core/gvrender_core_vml.c b/plugin/core/gvrender_core_vml.c
index cad845ef008c112dc579a9701a751a3fb2644cc1..dd5631abed2bc6fd2a0b819aa33940f0844d0d3c 100644 (file)
--- a/plugin/core/gvrender_core_vml.c
+++ b/plugin/core/gvrender_core_vml.c
@@ -32,6 +32,9 @@ unsigned int  graphHeight,graphWidth;
 static int xml_isentity(char *s)
 {
     s++;                       /* already known to be '&' */
+    if (*s == ';') { // '&;' is not a valid entity
+       return 0;
+    }
     if (*s == '#') {
        s++;
        if (*s == 'x' || *s == 'X') {

diff --git a/rtest/test_regression.py b/rtest/test_regression.py
index e62b99aa8f8c289471172459c58a38ba0a6b7842..c5111299295a2be4781394d9b3be7a5261bdf23f 100644 (file)
--- a/rtest/test_regression.py
+++ b/rtest/test_regression.py
@@ -217,7 +217,6 @@ def test_793():
     # Graphviz should not have caused a segfault
     assert p.returncode != -signal.SIGSEGV, 'Graphviz segfaulted'
 
-@pytest.mark.xfail(strict=True)
 def test_797():
     '''
     “&;” should not be considered an XML escape sequence