Bug 467314 - libxml2 causes breakage with character data in PHP xml_parse()
libxml2 causes breakage with character data in PHP xml_parse()
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: php (Show other bugs)
9
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Joe Orton
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-10-16 16:01 EDT by Ludovic LANGE
Modified: 2009-06-11 05:35 EDT (History)
11 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-06-11 05:35:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
provides a new backwards-compatible parser option for php to use (3.81 KB, patch)
2009-04-14 09:46 EDT, Jason Long
no flags Details | Diff
patch for php, makes it use the new parser option in libxml2 (485 bytes, patch)
2009-04-14 09:47 EDT, Jason Long
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
PHP Bug Tracker 45996 None None None Never

  None (edit)
Description Ludovic LANGE 2008-10-16 16:01:23 EDT
Description of problem:
There is a bug that occurs when PHP is compiled against libxml2 : when parsing XML data with xml_parse, entities ( < > ... ) are silently skipped.
According to the Bug Report in PHP ( http://bugs.php.net/bug.php?id=45996 ) the only workaround so far is to compile PHP with expat (only for specific modules)

One poster was nice enough to point out the modification to Mandriva's RPM, I suppose it is not very different for Fedora's RPM : http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/updates/2009.0/php/c
urrent/SPECS/php.spec?r1=278891&r2=281822


Version-Release number of selected component (if applicable):
php-5.2.6-2.fc9.i386

How reproducible:
(See PHP Bug Report)
Comment 1 Joe Orton 2008-10-17 09:41:40 EDT
Looks like a simple bug.   Switching XML library to work around this stuff is stupid.  Have posted patch upstream for review:

http://people.apache.org/~jorton/php-5.2.6-xmlwformed.patch
Comment 2 Ludovic LANGE 2008-10-21 06:23:16 EDT
(Note added per Joe's request)
The patch seems not to have the desired effect. (cf http://bugs.php.net/bug.php?id=45996 )
Comment 3 Dirk Schlüter 2008-10-22 13:29:04 EDT
I'm affected by this problem, too. I use TYPO3 with F9 for TYPO3 development and some functions don't work because of this bug. The same TYPO3 Installation on CentOS 5 (PHP 5.2.6) with libxml2-2.6.26-2.1.2.6 works fine. On F9 i have libxml2-2.7.1-2.fc9.i386.

TYPO3 Bugtracker: http://bugs.typo3.org/view.php?id=9359

Is there a chance to get TYPO3 work on F9 again in a short time?

Thank you very much.
Comment 4 Dirk Schlüter 2008-10-22 13:36:45 EDT
Sorry for posting again. I've seen there is a libxml2 Version 2.7.2. The Changelog looks like this bug is fixed! 

ftp://xmlsoft.org/libxml2/libxml2-2.7.2.tar.gz

I'll test this and try to rebuild the libxml2 rpm with the new version.
Comment 5 Dirk Schlüter 2008-10-22 14:51:18 EDT
FYI: 

Installing libxml2-2.7.2 from updates-testing und rebuild/re-installing the latest fedora php 5.2.6-2 rpms  doesn't help. 

phpinfo():

libxml
libXML support 	active
libXML Version 	2.7.2
libXML streams 	enabled 

I'm still open for ideas. ;-)
Comment 6 Jason Long 2009-01-14 09:48:23 EST
Note:
It looks like there's been progress upstream. According to the PHP bug report (http://bugs.php.net/bug.php?id=45996), it appears there is now a two-part fix available. One part is in PHP and the other in libxml2.

I think this is the patch for PHP?
http://cvs.php.net/viewvc.cgi/php-src/ext/xml/compat.c?r1=1.52&r2=1.53

And I think this is the patch for libxml2?
http://svn.gnome.org/viewvc/libxml2?view=revision&revision=3807

I hope this is helpful for getting a fix in for Fedora 9/10.
Comment 7 Alex Markley 2009-03-16 19:13:25 EDT
This problem seems to still occur in Fedora 10 with the latest updates.

+1 to getting a fix pushed out asap.
Comment 8 Sven 2009-03-20 10:38:39 EDT
This definitely happens with php-5.2.6-5 and libxml2-2.7.3-1.fc10.
Downgrading to libxml2-2.6.32-1.fc9 "fixes" it.

Looks like it's fixed in PHP 5.2.9: http://uk3.php.net/ChangeLog-5.php
Comment 9 Tim Pepper 2009-04-08 17:55:20 EDT
Any chance of an updated package getting released still in fc10?
Comment 10 Jason Long 2009-04-14 09:44:49 EDT
I'll attach the patches I used to rebuild the RPMs on my own Fedora 10 system, which fixed the problem. What's the best way to prepare these for inclusion in Fedora?
Comment 11 Jason Long 2009-04-14 09:46:15 EDT
Created attachment 339491 [details]
provides a new backwards-compatible parser option for php to use
Comment 12 Jason Long 2009-04-14 09:47:33 EDT
Created attachment 339492 [details]
patch for php, makes it use the new parser option in libxml2

The PHP patch only works if the libxml2 patch of this ticket has already been installed.
Comment 13 Joe Orton 2009-04-14 09:57:29 EDT
Can you file a bug against libxml2 to request a backport/rebase to fix the libxml2 portion of this?
Comment 14 Jason Long 2009-04-14 10:11:30 EDT
Sure, I created bug 495719 against libxml2.
Comment 15 Daniel Veillard 2009-04-15 07:57:49 EDT
libxml2-2.7.3 carrying the patch is in F10 stable updates since end of January

Daniel
Comment 16 Remi Collet 2009-04-17 00:50:42 EDT
php-5.2.9-1.fc10,maniadrive-1.2-13.fc10 has been submitted as an update for
Fedora 10.
http://admin.fedoraproject.org/updates/php-5.2.9-1.fc10,maniadrive-1.2-13.fc10  

Please try new php 5.2.9
Comment 17 Aaron S. Hawley 2009-04-22 11:13:41 EDT
Updates work for me, thanks!

$ rpm -q php libxml2
php-5.2.9-2.fc10.i386
libxml2-2.7.3-1.fc10.i386
Comment 18 Aaron S. Hawley 2009-05-30 07:06:52 EDT
Apparently, php 5.2.9 is now in stable.

https://admin.fedoraproject.org/updates/F9/FEDORA-2009-3848
Comment 19 Bug Zapper 2009-06-09 22:59:21 EDT
This message is a reminder that Fedora 9 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 9.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '9'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 9's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 9 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 20 Sven 2009-06-11 05:28:32 EDT
A combination of php-5.2.9-2.fc10 and libxml2-2.7.3-1.fc10 (the latest from updates) fixes the problem for me AFAICT.
Comment 21 Joe Orton 2009-06-11 05:35:21 EDT
Thanks for the feedback.  Making closed.

Note You need to log in before you can comment on or make changes to this bug.