From 485a0943347dd7bf6a36631dcc4da672e5107836 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Gustavo=20Andr=C3=A9=20dos=20Santos=20Lopes?=
 <cataphract@php.net>
Date: Fri, 8 Oct 2010 16:19:58 +0000
Subject: [PATCH] - Fixed bug #53021 (In html_entity_decode, failure to convert
 numeric entities with ENT_NOQUOTES and ISO-8859-1).

---
 NEWS                                     |  2 ++
 ext/standard/html.c                      | 13 +++++++------
 ext/standard/tests/strings/bug53021.phpt | 10 ++++++++++
 3 files changed, 19 insertions(+), 6 deletions(-)
 create mode 100644 ext/standard/tests/strings/bug53021.phpt

diff --git a/NEWS b/NEWS
index e7388dfaa5..fc8015e993 100644
--- a/NEWS
+++ b/NEWS
@@ -25,6 +25,8 @@
 - Fixed possible crash in mssql_fetch_batch(). (Kalle)
 - Fixed inconsistent backlog default value (-1) in FPM on many systems. (fat)
 
+- Fixed bug #53021 (In html_entity_decode, failure to convert numeric entities
+  with ENT_NOQUOTES and ISO-8859-1) (Gustavo).
 - Fixed bug #52981 (Unicode casing table was out-of-date. Updated with
   UnicodeData-6.0.0d7.txt and included the source of the generator program with
   the distribution) (Gustavo).
diff --git a/ext/standard/html.c b/ext/standard/html.c
index e5891588a7..79474216b6 100644
--- a/ext/standard/html.c
+++ b/ext/standard/html.c
@@ -1020,7 +1020,12 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
 						code = strtol(p + 2, &next, 10);
 					}
 
-					if (next != NULL && *next == ';') {
+					if (code == 39 && !(quote_style & ENT_HTML_QUOTE_SINGLE) ||
+						code == 24 && !(quote_style & ENT_HTML_QUOTE_DOUBLE)) {
+						invalid_code = 1;
+					}
+
+					if (next != NULL && *next == ';' && !invalid_code) {
 						switch (charset) {
 							case cs_utf_8:
 								q += php_utf32_utf8(q, code);
@@ -1032,11 +1037,7 @@ PHPAPI char *php_unescape_html_entities(unsigned char *old, int oldlen, int *new
 								if ((code >= 0x80 && code < 0xa0) || code > 0xff) {
 									invalid_code = 1;
 								} else {
-									if (code == 39 || !quote_style) {
-										invalid_code = 1;
-									} else {
-										*(q++) = code;
-									}
+									*(q++) = code;
 								}
 								break;
 
diff --git a/ext/standard/tests/strings/bug53021.phpt b/ext/standard/tests/strings/bug53021.phpt
new file mode 100644
index 0000000000..6f290096e4
--- /dev/null
+++ b/ext/standard/tests/strings/bug53021.phpt
@@ -0,0 +1,10 @@
+--TEST--
+Bug #53021 (Failure to convert numeric entities with ENT_NOQUOTES and ISO-8859-1)
+--FILE--
+<?php
+var_dump(unpack("H*",html_entity_decode("&#233;", ENT_QUOTES, "ISO-8859-1")));
+--EXPECT--
+array(1) {
+  [1]=>
+  string(2) "e9"
+}
-- 
2.40.0