Revert "Don't attempt to fetch external entity references blindly with fopen"

It appears that this change broke the libdom tests because they expect to be able to load relative paths, and thus will not work without some external entity ref fetching system.
Therefore this external entity reference fetching problem will need to have a proper fix written to resolve #2313 and avoid the security implications of not taking the base URI into account.

This reverts commit 389f74b11d3f6cd54c32ffcf423cee1c9b07f845.

1 files changed, 35 insertions, 3 deletions

diff --git a/bindings/xml/expat_xmlparser.c b/bindings/xml/expat_xmlparser.c
index 53c3093..e1c22ad 100644
--- a/bindings/xml/expat_xmlparser.c
+++ b/bindings/xml/expat_xmlparser.c
@@ -292,12 +292,44 @@ expat_xmlparser_external_entity_ref_handler(XML_Parser parser,
 					    const XML_Char *system_id,
 					    const XML_Char *public_id)
 {
-	UNUSED(parser);
-	UNUSED(context);
+	FILE *fh;
+	XML_Parser subparser;
+	unsigned char data[1024];
+	size_t len;
+	enum XML_Status status;
+
 	UNUSED(base);
-	UNUSED(system_id);
 	UNUSED(public_id);
 
+	if (system_id == NULL)
+		return XML_STATUS_OK;
+
+	fh = fopen(system_id, "r");
+
+	if (fh == NULL)
+		return XML_STATUS_OK;
+
+	subparser = XML_ExternalEntityParserCreate(parser,
+						   context,
+						   NULL);
+
+	if (subparser == NULL) {
+		fclose(fh);
+		return XML_STATUS_OK;
+	}
+
+	/* Parse the file bit by bit */
+	while ((len = fread(data, 1, 1024, fh)) > 0) {
+		status = XML_Parse(subparser, (const char *)data, len, 0);
+		if (status != XML_STATUS_OK) {
+			XML_ParserFree(subparser);
+			fclose(fh);
+			return XML_STATUS_OK;
+		}
+	}
+	XML_Parse(subparser, "", 0, 1);
+	XML_ParserFree(subparser);
+	fclose(fh);
 	return XML_STATUS_OK;
 }