darylldoyle / svg-sanitizer

A PHP SVG/XML Sanitizer
GNU General Public License v2.0
465 stars 68 forks

[BUGFIX] Avoid segmentation faults when processing entities #53

Closed ohader closed 3 years ago

ohader commented 3 years ago

Related: #52

ohader commented 3 years ago

vendor/bin/phpunit --no-coverage --filter=/doctypeAndEntityAreRemoved/
PHPUnit 6.5.14 by Sebastian Bergmann and contributors.

[1]    63007 segmentation fault  vendor/bin/phpunit --no-coverage --filter=/doctypeAndEntityAreRemoved/

lolli42 commented 3 years ago

+1 Confirmed the patch, this fixes the PHP segfaults we're experiencing.

lolli42 commented 3 years ago

Hope it is ok to ping here. :)

This issue is kinda important to us since TYPO3 added svg-sanitizer as a dependency to increase security. Those segfaults are nasty and of course an issue for our application stability. The patch looks good to me and the added tests nail the specific issue.

Is there anything left we may have missed and we could help with to get this fixed and released?

Thanks for all the work on this project. Keep rocking :)