diff --git a/lib/rexml/parsers/baseparser.rb b/lib/rexml/parsers/baseparser.rb
index 28810bfa..342f9482 100644
--- a/lib/rexml/parsers/baseparser.rb
+++ b/lib/rexml/parsers/baseparser.rb
@@ -548,15 +548,13 @@ def unnormalize( string, entities=nil, filter=nil )
}
matches.collect!{|x|x[0]}.compact!
if matches.size > 0
- sum = 0
matches.each do |entity_reference|
unless filter and filter.include?(entity_reference)
entity_value = entity( entity_reference, entities )
if entity_value
re = Private::DEFAULT_ENTITIES_PATTERNS[entity_reference] || /&#{entity_reference};/
rv.gsub!( re, entity_value )
- sum += rv.bytesize
- if sum > Security.entity_expansion_text_limit
+ if rv.bytesize > Security.entity_expansion_text_limit
raise "entity expansion has grown too large"
end
else
diff --git a/test/test_document.rb b/test/test_document.rb
index 0764631d..2e621db0 100644
--- a/test/test_document.rb
+++ b/test/test_document.rb
@@ -33,10 +33,12 @@ def test_new
class EntityExpansionLimitTest < Test::Unit::TestCase
def setup
@default_entity_expansion_limit = REXML::Security.entity_expansion_limit
+ @default_entity_expansion_text_limit = REXML::Security.entity_expansion_text_limit
end
def teardown
REXML::Security.entity_expansion_limit = @default_entity_expansion_limit
+ REXML::Security.entity_expansion_text_limit = @default_entity_expansion_text_limit
end
class GeneralEntityTest < self
@@ -126,6 +128,24 @@ def test_with_default_entity doc.root.children.first.value end end + def test_entity_expansion_text_limit xml = <<-XML + + + + + + ]> + &a; + XML + + REXML::Security.entity_expansion_text_limit = 90 + doc = REXML::Document.new(xml) + doc.root.children.first.value + end end class ParameterEntityTest < self
diff --git a/test/test_pullparser.rb b/test/test_pullparser.rb
index 55205af8..4212775d 100644
--- a/test/test_pullparser.rb
+++ b/test/test_pullparser.rb
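Review bot: The new `+ if rv.bytesize > Security.entity_expansion_text_limit` check still runs only after `rv.gsub!( re, entity_value )` has built the fully expanded string, so a single `gsub!` over a document that references one large entity many times can allocate far past the limit before the limit is ever consulted; replacing the over-counting `sum` fixes the false positives, but this check-after-expand ordering is unchanged. Enforcing the bound inside a block-form `gsub!` keeps a running byte count and aborts the substitution as soon as it would cross the limit, so the transient allocation stays near the limit rather than growing with the reference count. One caveat to confirm before merging: the block form also stops `gsub!` from interpreting `\1`-style backreference sequences inside `entity_value`, which the string-replacement form does, and I cannot tell from this hunk whether anything relies on that. `unnormalize` starts and ends outside this hunk.

```ruby
re = Private::DEFAULT_ENTITIES_PATTERNS[entity_reference] || /&#{entity_reference};/
# Track the would-be size while substituting so the limit is enforced
# before the expanded text is fully materialized, not after.
expanded_size = rv.bytesize
rv.gsub!( re ) do |matched|
  expanded_size += entity_value.bytesize - matched.bytesize
  if expanded_size > Security.entity_expansion_text_limit
    raise "entity expansion has grown too large"
  end
  entity_value
end
# … unchanged: else branch for an undefined entity …
```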
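Review bot: `test_entity_expansion_text_limit` in test_document.rb sets the limit to 90 and parses, but never asserts anything — the final `doc.root.children.first.value` is computed and discarded — so it only documents that no exception is raised, and since the `<!ENTITY>` declarations in the heredoc are not visible here I cannot tell what value it is meant to produce. Pin the expanded text with `assert_equal(expected, doc.root.children.first.value)`, and add a companion case that lowers the limit below the expanded size and wraps the same access in `assert_raise(RuntimeError)`, so that a future change which silently disables the limit would still fail the suite.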
@@ -159,10 +159,12 @@ def test_peek
class EntityExpansionLimitTest < Test::Unit::TestCase
def setup
@default_entity_expansion_limit = REXML::Security.entity_expansion_limit
+ @default_entity_expansion_text_limit = REXML::Security.entity_expansion_text_limit
end
def teardown
REXML::Security.entity_expansion_limit = @default_entity_expansion_limit
+ REXML::Security.entity_expansion_text_limit = @default_entity_expansion_text_limit
end
class GeneralEntityTest < self
@@ -249,6 +251,25 @@ def test_with_default_entity end end end + def test_entity_expansion_text_limit source = <<-XML + + + + + ]> + &a; + XML + + REXML::Security.entity_expansion_text_limit = 90 + parser = REXML::Parsers::PullParser.new(source) + while parser.has_next? + parser.pull + end + end end end end
diff --git a/test/test_sax.rb b/test/test_sax.rb
index 5e3ad75b..5d553b7c 100644
--- a/test/test_sax.rb
+++ b/test/test_sax.rb
@@ -102,10 +102,12 @@ def test_sax2
class EntityExpansionLimitTest < Test::Unit::TestCase
def setup
@default_entity_expansion_limit = REXML::Security.entity_expansion_limit
+ @default_entity_expansion_text_limit = REXML::Security.entity_expansion_text_limit
end
def teardown
REXML::Security.entity_expansion_limit = @default_entity_expansion_limit
+ REXML::Security.entity_expansion_text_limit = @default_entity_expansion_text_limit
end
class GeneralEntityTest < self
@@ -182,6 +184,22 @@ def test_with_default_entity sax.parse end end + def test_entity_expansion_text_limit source = <<-XML + + + + + ]> + &a; + XML + + REXML::Security.entity_expansion_text_limit = 90 + REXML::Parsers::SAX2Parser.new(source).parse + end end end
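Review bot: The `while parser.has_next?` / `parser.pull` loop in the added pull-parser test discards every event, so it verifies only that pulling runs to completion; if the pull parser reports a failure as an `:error` event rather than raising (I cannot confirm that from this hunk), an over-limit expansion would pass unnoticed. Capture the `:text` event and assert on its unnormalized value, e.g. `assert_equal(expected, event[2])`, and add a case with the limit set below the expanded size that expects `assert_raise(RuntimeError)` around the pull loop.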
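Review bot: `REXML::Parsers::SAX2Parser.new(source).parse` in the added SAX test registers no listener and makes no assertion, so it checks only that parsing returns. Register a `listen(:characters)` block to collect the expanded text and `assert_equal` it against the expected value, and pair the test with an `assert_raise(RuntimeError)` case where the limit is below the expanded size, so the limit is exercised in both directions.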