CairoSVG icon indicating copy to clipboard operation
CairoSVG copied to clipboard
verified publisher icon Kozea

Allow huge input lookups with the "unsafe" option

Open Ahmed-Shibl opened this issue 5 years ago • 3 comments

I ran cairosvg on a svg file to convert it to pdf and got the following error:

Command used: cairosvg Fig1B_trial_cairosvg.svg -o trial -f pdf

Error:

Traceback (most recent call last):
  File "/Users/as11798/miniconda3/envs/cairosvg/bin/cairosvg", line 6, in <module>
    sys.exit(cairosvg.main())
  File "/Users/as11798/miniconda3/envs/cairosvg/lib/python3.6/site-packages/cairosvg/__init__.py", line 96, in main
    SURFACES[output_format.upper()].convert(**kwargs)
  File "/Users/as11798/miniconda3/envs/cairosvg/lib/python3.6/site-packages/cairosvg/surface.py", line 135, in convert
    tree = Tree(**kwargs)
  File "/Users/as11798/miniconda3/envs/cairosvg/lib/python3.6/site-packages/cairosvg/parser.py", line 362, in __init__
    tree = ElementTree.fromstring(bytestring, parser)
  File "src/lxml/etree.pyx", line 3211, in lxml.etree.fromstring
  File "src/lxml/parser.pxi", line 1877, in lxml.etree._parseMemoryDocument
  File "src/lxml/parser.pxi", line 1765, in lxml.etree._parseDoc
  File "src/lxml/parser.pxi", line 1127, in lxml.etree._BaseParser._parseDoc
  File "src/lxml/parser.pxi", line 601, in lxml.etree._ParserContext._handleParseResultDoc
  File "src/lxml/parser.pxi", line 711, in lxml.etree._handleParseResult
  File "src/lxml/parser.pxi", line 640, in lxml.etree._raiseParseError
  File "<string>", line 307939
lxml.etree.XMLSyntaxError: internal error: Huge input lookup, line 307939, column 22

Additional info:

  • Cairosvg was installed using: conda install -c conda-forge cairosvg
  • A trial with a smaller svg file worked perfectly
  • Python version is "Python 3.6.7"

Ahmed-Shibl avatar May 30 '20 08:05 Ahmed-Shibl

Hello, and thank you for this bug report.

Could you please attach your file, so that we can reproduce the error?

liZe avatar May 30 '20 10:05 liZe

The problem probably comes from the huge file. lxml.etree.XMLParser has security checks for deep trees and long texts. Our unsafe option should allow such files.

liZe avatar May 30 '20 10:05 liZe

@Ahmed-Shibl It looks like your version of CairoSVG is pretty old. Version 2.1.0+ doesn’t use lxml anymore and shouldn’t raise this error, at least with the unsafe option. Could you please check that your version of CairoSVG is up to date? (Latest version is 2.4.2.)

liZe avatar May 30 '20 10:05 liZe