Give warnings when attempting to use encoding iconv doesn't support.

Previously, attempting to set %Core.Encoding to an encoding iconv didn't know about would result in a silent failure, with the return of the boolean false. Now it will fatally error out. Reported-by: mcgrailm <mgm19@psu.edu> Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
2024-09-19 10:45:18 +00:00 · 2008-07-05 03:14:32 -04:00 · 2008-07-05 03:14:32 -04:00 · c845f0bb78
commit c845f0bb78
parent 594268ca3b
3 changed files with 20 additions and 1 deletions
--- a/2
+++ b/2
@ -24,6 +24,8 @@ NEWS ( CHANGELOG and HISTORY )                                     HTMLPurifier
  the strategy to be used, standalone, on untrusted input.
 - Fix two bugs in %URI.MakeAbsolute; one involving empty paths in base URLs,
  the other involving an undefined $is_folder error.
+- Throw error when %Core.Encoding is set to a spurious value. Previously,
+  this errored silently and returned false.
 . Strategy_MakeWellFormed now operates in-place, saving memory and allowing
  for more interesting filter-backtracking
 . New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind
--- a/library/HTMLPurifier/Encoder.php
+++ b/library/HTMLPurifier/Encoder.php
@ -271,6 +271,12 @@ class HTMLPurifier_Encoder
        set_error_handler(array('HTMLPurifier_Encoder', 'muteErrorHandler'));
        if ($iconv && !$config->get('Test', 'ForceNoIconv')) {
            $str = iconv($encoding, 'utf-8//IGNORE', $str);
+            if ($str === false) {
+                // $encoding is not a valid encoding
+                restore_error_handler();
+                trigger_error('Invalid encoding ' . $encoding, E_USER_ERROR);
+                return '';
+            }
            // If the string is bjorked by Shift_JIS or a similar encoding
            // that doesn't support all of ASCII, convert the naughty
            // characters to their true byte-wise ASCII/UTF-8 equivalents.
@ -282,7 +288,7 @@ class HTMLPurifier_Encoder
            restore_error_handler();
            return $str;
        }
-        trigger_error('Encoding not supported', E_USER_ERROR);
+        trigger_error('Encoding not supported, please install iconv', E_USER_ERROR);
    }
    
    /**
--- a/tests/HTMLPurifier/EncoderTest.php
+++ b/tests/HTMLPurifier/EncoderTest.php
@ -38,6 +38,17 @@ class HTMLPurifier_EncoderTest extends HTMLPurifier_Harness
        );
    }
    
+    function test_convertToUTF8_spuriousEncoding() {
+        // We don't support this as UTF-8, because UTF-8 is the default and
+        // shouldn't be set if not necessary.
+        $this->config->set('Core', 'Encoding', 'utf8');
+        $this->expectError('Invalid encoding utf8');
+        $this->assertIdentical(
+            HTMLPurifier_Encoder::convertToUTF8("\xF6", $this->config, $this->context),
+            ''
+        );
+    }
+    
    function test_convertToUTF8_iso8859_1() {
        $this->config->set('Core', 'Encoding', 'ISO-8859-1');
        $this->assertIdentical(