Factor out dom_remove_all_children()

A few callers remove all children of a node. The way it was done in
node.c was unsafe, because it left nodep->last dangling. It just happens
to not crash if xmlNodeSetContent() is called immediately afterwards.

Author: tstarling

ext/dom/attr.c

@@ -136,7 +136,6 @@ int dom_attr_value_write(dom_object *obj, zval *newval)
 {
 	zend_string *str;
 	xmlAttrPtr attrp = (xmlAttrPtr) dom_object_get_node(obj);
-	xmlNodePtr node, next;
 
 	if (attrp == NULL) {
 		php_dom_throw_error(INVALID_STATE_ERR, 1);
@@ -148,18 +147,8 @@ int dom_attr_value_write(dom_object *obj, zval *newval)
 		return FAILURE;
 	}
 
-	if (attrp->children) {
-		node_list_unlink(attrp->children);
-		node = attrp->children;
-		while (node) {
-			next = node->next;
-			xmlUnlinkNode(node);
-			xmlFreeNode(node);
-			node = next;
-		}
-	}
-
-	node = xmlNewTextLen((xmlChar *) ZSTR_VAL(str), ZSTR_LEN(str));
+	dom_remove_all_children((xmlNodePtr) attrp);
+	xmlNodePtr node = xmlNewTextLen((xmlChar *) ZSTR_VAL(str), ZSTR_LEN(str));
 	xmlAddChild((xmlNodePtr) attrp, node);
 
 	zend_string_release_ex(str, 0);

ext/dom/node.c

@@ -179,11 +179,7 @@ int dom_node_node_value_write(dom_object *obj, zval *newval)
 	switch (nodep->type) {
 		case XML_ELEMENT_NODE:
 		case XML_ATTRIBUTE_NODE:
-			if (nodep->children) {
-				node_list_unlink(nodep->children);
-				php_libxml_node_free_list((xmlNodePtr) nodep->children);
-				nodep->children = NULL;
-			}
+			dom_remove_all_children(nodep);
 			ZEND_FALLTHROUGH;
 		case XML_TEXT_NODE:
 		case XML_COMMENT_NODE:
@@ -783,12 +779,7 @@ int dom_node_text_content_write(dom_object *obj, zval *newval)
 	 * For the other cases, we *can* rely on xmlNodeSetContent because it is either a no-op, or handles
 	 * the content without encoding. */
 	if (type == XML_DOCUMENT_FRAG_NODE || type == XML_ELEMENT_NODE || type == XML_ATTRIBUTE_NODE) {
-		if (nodep->children) {
-			node_list_unlink(nodep->children);
-			php_libxml_node_free_list((xmlNodePtr) nodep->children);
-			nodep->children = NULL;
-		}
-
+		dom_remove_all_children(nodep);
 		xmlNode *textNode = xmlNewText(xmlChars);
 		xmlAddChild(nodep, textNode);
 	} else {

ext/dom/php_dom.c

@@ -1588,4 +1588,14 @@ static int dom_nodelist_has_dimension(zend_object *object, zval *member, int che
 	}
 } /* }}} end dom_nodelist_has_dimension */
 
+void dom_remove_all_children(xmlNodePtr nodep)
+{
+	if (nodep->children) {
+		node_list_unlink(nodep->children);
+		php_libxml_node_free_list((xmlNodePtr) nodep->children);
+		nodep->children = NULL;
+		nodep->last = NULL;
+	}
+}
+
 #endif /* HAVE_DOM */

ext/dom/php_dom.h

@@ -142,6 +142,8 @@ void dom_parent_node_before(dom_object *context, zval *nodes, uint32_t nodesc);
 void dom_child_node_remove(dom_object *context);
 void dom_child_replace_with(dom_object *context, zval *nodes, uint32_t nodesc);
 
+void dom_remove_all_children(xmlNodePtr nodep);
+
 #define DOM_GET_OBJ(__ptr, __id, __prtype, __intern) { \
 	__intern = Z_DOMOBJ_P(__id); \
 	if (__intern->ptr == NULL || !(__ptr = (__prtype)((php_libxml_node_ptr *)__intern->ptr)->node)) { \