merge revision(s) 48161:

* lib/rexml/entity.rb: keep the entity size within the limitation. reported by Willis Vandevanter <will@silentrobots.com> and patched by nahi. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@48162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2014-10-27 11:22:04 +0000
committer: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2014-10-27 11:22:04 +0000
commit: 61ff012d26bb77962dc7d7f7e04d73f8ae54c676 (patch)
tree: 207e8ba7286c8a2f25e4d62b8f3d86240e197228 /test/rexml/test_entity.rb
parent: 2c31816f1abd48cadda2e91262e0b30913fe1694 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/test/rexml/test_entity.rb b/test/rexml/test_entity.rb
index 5900fac7a8..93c4c838f6 100644
--- a/test/rexml/test_entity.rb
+++ b/test/rexml/test_entity.rb
@@ -122,6 +122,22 @@ class EntityTester < Test::Unit::TestCase
     end
   end
 
+  def test_entity_string_limit_for_parameter_entity
+    template = '<!DOCTYPE bomb [ <!ENTITY % a "^" > <!ENTITY bomb "$" > ]><root/>'
+    len      = 5120 # 5k per entity
+    template.sub!(/\^/, "B" * len)
+
+    # 10k is OK
+    entities = '%a;' * 2 # 5k entity * 2 = 10k
+    REXML::Document.new(template.sub(/\$/, entities))
+
+    # above 10k explodes
+    entities = '%a;' * 3 # 5k entity * 2 = 15k
+    assert_raises(REXML::ParseException) do
+      REXML::Document.new(template.sub(/\$/, entities))
+    end
+  end
+
   def test_raw
     source = '<!DOCTYPE foo [
 <!ENTITY ent "replace">
author	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2014-10-27 11:22:04 +0000
committer	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2014-10-27 11:22:04 +0000
commit	61ff012d26bb77962dc7d7f7e04d73f8ae54c676 (patch)
tree	207e8ba7286c8a2f25e4d62b8f3d86240e197228 /test/rexml/test_entity.rb
parent	2c31816f1abd48cadda2e91262e0b30913fe1694 (diff)