Don't call libxml_disable_entity_loader for php8+

This functions is deprecated, but since PHP8+ requires libxml 2.9.0 where XXE are disabled by default, there is no need to call it anymore.
author: jvoisin 2020-11-29 19:38:13 +0100
committer: GitHub 2020-11-29 18:38:13 +0000
commit: ea7c76bce6a4704db867210acfad7cab73106ef2 (patch)
tree: d8d68572374f02a063975d5a27c9fd277af3b6a5 /src/sp_disable_xxe.c
parent: 5be9082f148ab546a0317a28ef5267bb797feb53 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/sp_disable_xxe.c b/src/sp_disable_xxe.c
index 53148c8..9ebcbad 100644
--- a/src/sp_disable_xxe.c
+++ b/src/sp_disable_xxe.c
@@ -9,12 +9,15 @@ int hook_libxml_disable_entity_loader() {
  TSRMLS_FETCH();
+// External entities are disabled by default in PHP8+
+#if PHP_VERSION_ID < 80000
  /* Call the php function here instead of re-implementing it is a bit
   * ugly, but we do not want to introduce compile-time dependencies against
   * libxml. */
  ZVAL_STRING(&func_name, "libxml_disable_entity_loader");
  ZVAL_STRING(&params[0], "true");
  call_user_function(CG(function_table), NULL, &func_name, &hmac, 1, params);
+#endif
  HOOK_FUNCTION("libxml_disable_entity_loader", sp_internal_functions_hook,
                PHP_FN(sp_libxml_disable_entity_loader));
author	jvoisin	2020-11-29 19:38:13 +0100
committer	GitHub	2020-11-29 18:38:13 +0000
commit	ea7c76bce6a4704db867210acfad7cab73106ef2 (patch)
tree	d8d68572374f02a063975d5a27c9fd277af3b6a5 /src/sp_disable_xxe.c
parent	5be9082f148ab546a0317a28ef5267bb797feb53 (diff)