File php-CVE-2015-8866.patch of Package php5.3636

X-Git-Url: http://72.52.91.13:8000/?p=php-src.git;a=blobdiff_plain;f=ext%2Flibxml%2Flibxml.c;h=5f0da89cd3c6bbc0556df733bef32d2b3f58e695;hp=4b7a36a227b28f0ec1877c7fae29273587911b24;hb=de31324c221c1791b26350ba106cc26bad23ace9;hpb=e5e251b02309d046680e9190cfc688fab4e5670e

--- ext/libxml/libxml.c
+++ ext/libxml/libxml.c
@@ -857,6 +857,12 @@ static PHP_RINIT_FUNCTION(libxml)
 		xmlSetGenericErrorFunc(NULL, php_libxml_error_handler);
 		xmlParserInputBufferCreateFilenameDefault(php_libxml_input_buffer_create_filename);
 		xmlOutputBufferCreateFilenameDefault(php_libxml_output_buffer_create_filename);
+
+		/* Enable the entity loader by default. This ensure that
+		 * other threads/requests that might have disable the loader
+		 * do not affect the current request.
+		 */
+		LIBXML(entity_loader_disabled) = 0;
 	}
 	return SUCCESS;
 }