Closed
Description
Why?
We are using the ruby/rss gem to parse XML feeds and we get RuntimeErrors “entity expansion has grown too large” since rexml 3.3.3 even though there is only default entities in the feeds.
How to reproduce
Code:
# rexml/refactor_entity_example.rb
$LOAD_PATH.unshift(File.expand_path("lib"))
require "rexml/parsers/baseparser"
valid_feed = "<p>#{'A' * 10_240}</p>"
base_parser = REXML::Parsers::BaseParser.new("")
base_parser.unnormalize(valid_feed) # => "<p>" + "A" * 10_240 + "</p>"Error:
❯ bundle exec ruby refactor_entity_example.rb
/Users/vikiv/repos/rexml/lib/rexml/parsers/baseparser.rb:558:in `block in unnormalize': entity expansion has grown too large (RuntimeError)
from /Users/vikiv/repos/rexml/lib/rexml/parsers/baseparser.rb:551:in `each'
from /Users/vikiv/repos/rexml/lib/rexml/parsers/baseparser.rb:551:in `unnormalize'
from refactor_entity_example.rb:8:in `<main>'Suggestion
I suggest we change #entity/#unnormalize to not raise the RuntimeError “entity expansion has grown too large” when the feed consists of only default entities.
diff --git a/lib/rexml/parsers/baseparser.rb b/lib/rexml/parsers/baseparser.rb
index 342f948..d560d3a 100644
--- a/lib/rexml/parsers/baseparser.rb
+++ b/lib/rexml/parsers/baseparser.rb
@@ -505,15 +505,13 @@ module REXML
private :pull_event
def entity( reference, entities )
- value = nil
value = entities[ reference ] if entities
if value
record_entity_expansion
- else
- value = DEFAULT_ENTITIES[ reference ]
- value = value[2] if value
+ return unnormalize( value, entities ) if value
end
- unnormalize( value, entities ) if value
+
+ nil
end
# Escapes all possible entitiesMetadata
Metadata
Assignees
Labels
No labels
Activity