fixed XML decoding attack vector through external entities
1 parent 4e0c992 commit 5bf4f92

5 files changed

+36
-5
lines changed


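--- a/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
+++ b/src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
@@ -212,16 +212,20 @@ private function parseDefinition($id, $service, $file)
 private function parseFile($file)
 {
 $internalErrors = libxml_use_internal_errors(true);
+$disableEntities = libxml_disable_entity_loader(true);
 libxml_clear_errors();
 
 $dom = new \DOMDocument();
 $dom->validateOnParse = true;
-if (!$dom->load($file, LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+if (!$dom->loadXML(file_get_contents($file), LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+libxml_disable_entity_loader($disableEntities);
+
 throw new \InvalidArgumentException(implode("\n", $this->getXmlErrors($internalErrors)));
 }
 $dom->normalizeDocument();
 
 libxml_use_internal_errors($internalErrors);
+libxml_disable_entity_loader($disableEntities);
 
 foreach ($dom->childNodes as $child) {
 if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {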
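Review bot: On the new `loadXML` line, `file_get_contents($file)` returns `false` when the file cannot be read, and that value reaches `loadXML()` as an empty document, so the exception built from `getXmlErrors()` will most likely no longer name the file that failed to open, whereas the replaced `load($file)` reported the I/O error through libxml. Checking the read result first keeps that diagnostic and also keeps the entity-loader state restored on the failure path, as shown below. The switch from `load()` to `loadXML(file_get_contents())` deserves a why-comment too, since `DOMDocument::load()` reads the file through the very entity loader the new line above disables, and a later "simplification" back to `load()` would silently break loading; e.g. `// load() itself goes through the entity loader, so read the file in PHP and parse the string`. The same two points apply to the Routing, Translation and Validator loader hunks below. parseFile continues outside the hunk.

```php
$disableEntities = libxml_disable_entity_loader(true);
libxml_clear_errors();
// … unchanged: DOMDocument construction and validateOnParse …
// load() itself goes through the entity loader, so read the file in PHP and parse the string
$content = file_get_contents($file);
if (false === $content) {
    libxml_disable_entity_loader($disableEntities);

    throw new \InvalidArgumentException(sprintf('Unable to read the file "%s".', $file));
}
if (!$dom->loadXML($content, LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
// … unchanged: parse-error handling and the rest of parseFile …
```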

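--- a/src/Symfony/Component/DomCrawler/Crawler.php
+++ b/src/Symfony/Component/DomCrawler/Crawler.php
@@ -119,10 +119,15 @@ public function addContent($content, $type = null)
 */
 public function addHtmlContent($content, $charset = 'UTF-8')
 {
+$disableEntities = libxml_disable_entity_loader(true);
+
 $dom = new \DOMDocument('1.0', $charset);
 $dom->validateOnParse = true;
 
 @$dom->loadHTML($content);
+
+libxml_disable_entity_loader($disableEntities);
+
 $this->addDocument($dom);
 
 $base = $this->filter('base')->extract(array('href'));
@@ -142,11 +147,16 @@ public function addHtmlContent($content, $charset = 'UTF-8')
 */
 public function addXmlContent($content, $charset = 'UTF-8')
 {
+$disableEntities = libxml_disable_entity_loader(true);
+
 $dom = new \DOMDocument('1.0', $charset);
 $dom->validateOnParse = true;
 
 // remove the default namespace to make XPath expressions simpler
-@$dom->loadXML(str_replace('xmlns', 'ns', $content));
+@$dom->loadXML(str_replace('xmlns', 'ns', $content), LIBXML_NONET);
+
+libxml_disable_entity_loader($disableEntities);
+
 $this->addDocument($dom);
 }
 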
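Review bot: `addHtmlContent()` still calls `@$dom->loadHTML($content)` with no options while the `addXmlContent()` hunk below now passes `LIBXML_NONET`, so the two entry points end up with different network policies for the same kind of untrusted input. The HTML path would be consistent with `@$dom->loadHTML($content, LIBXML_NONET);`, provided the project's minimum PHP version accepts the options argument on `loadHTML()` (added in PHP 5.4), which cannot be confirmed from this hunk. The `libxml_disable_entity_loader()` toggling in both methods also deserves a why-comment, since the setting is process-wide and must be put back exactly as found; e.g. `// disable external entity loading while parsing untrusted markup; restored below`. addHtmlContent continues outside the hunk.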

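--- a/src/Symfony/Component/Routing/Loader/XmlFileLoader.php
+++ b/src/Symfony/Component/Routing/Loader/XmlFileLoader.php
@@ -151,16 +151,20 @@ protected function parseRoute(RouteCollection $collection, \DOMElement $definiti
 protected function loadFile($file)
 {
 $internalErrors = libxml_use_internal_errors(true);
+$disableEntities = libxml_disable_entity_loader(true);
 libxml_clear_errors();
 
 $dom = new \DOMDocument();
 $dom->validateOnParse = true;
-if (!$dom->load($file, LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+if (!$dom->loadXML(file_get_contents($file), LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+libxml_disable_entity_loader($disableEntities);
+
 throw new \InvalidArgumentException(implode("\n", $this->getXmlErrors($internalErrors)));
 }
 $dom->normalizeDocument();
 
 libxml_use_internal_errors($internalErrors);
+libxml_disable_entity_loader($disableEntities);
 
 foreach ($dom->childNodes as $child) {
 if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {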

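--- a/src/Symfony/Component/Translation/Loader/XliffFileLoader.php
+++ b/src/Symfony/Component/Translation/Loader/XliffFileLoader.php
@@ -56,14 +56,19 @@ public function load($resource, $locale, $domain = 'messages')
 private function parseFile($file)
 {
 $internalErrors = libxml_use_internal_errors(true);
+$disableEntities = libxml_disable_entity_loader(true);
 libxml_clear_errors();
 
 $dom = new \DOMDocument();
 $dom->validateOnParse = true;
-if (!@$dom->load($file, LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+if (!@$dom->loadXML(file_get_contents($file), LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+libxml_disable_entity_loader($disableEntities);
+
 throw new \RuntimeException(implode("\n", $this->getXmlErrors($internalErrors)));
 }
 
+libxml_disable_entity_loader($disableEntities);
+
 foreach ($dom->childNodes as $child) {
 if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
 libxml_use_internal_errors($internalErrors);
@@ -90,6 +95,7 @@ private function parseFile($file)
 if (!@$dom->schemaValidateSource($source)) {
 throw new \RuntimeException(implode("\n", $this->getXmlErrors($internalErrors)));
 }
+
 $dom->normalizeDocument();
 
 libxml_use_internal_errors($internalErrors);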

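--- a/src/Symfony/Component/Validator/Mapping/Loader/XmlFileLoader.php
+++ b/src/Symfony/Component/Validator/Mapping/Loader/XmlFileLoader.php
@@ -181,16 +181,23 @@ protected function parseOptions(\SimpleXMLElement $nodes)
 protected function parseFile($file)
 {
 $internalErrors = libxml_use_internal_errors(true);
+$disableEntities = libxml_disable_entity_loader(true);
 libxml_clear_errors();
 
 $dom = new \DOMDocument();
 $dom->validateOnParse = true;
-if (!$dom->load($file, LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+if (!$dom->loadXML(file_get_contents($file), LIBXML_NONET | (defined('LIBXML_COMPACT') ? LIBXML_COMPACT : 0))) {
+libxml_disable_entity_loader($disableEntities);
+
 throw new MappingException(implode("\n", $this->getXmlErrors($internalErrors)));
 }
+
+libxml_disable_entity_loader($disableEntities);
+
 if (!$dom->schemaValidate(__DIR__.'/schema/dic/constraint-mapping/constraint-mapping-1.0.xsd')) {
 throw new MappingException(implode("\n", $this->getXmlErrors($internalErrors)));
 }
+
 $dom->normalizeDocument();
 
 libxml_use_internal_errors($internalErrors);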
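Review bot: The entity loader is re-enabled on the new restore line before `$dom->schemaValidate(__DIR__.'/schema/...')`, and that ordering is presumably deliberate, because `schemaValidate()` reads the XSD from disk through libxml's entity loader and would fail while the loader is still disabled; nothing in the code records this, so a later refactor that moves the restore to the end of the method next to `libxml_use_internal_errors($internalErrors)` would break validation without an obvious cause. Suggest `// restore before schemaValidate(): the XSD is loaded through the entity loader` on the restore line. The Translation loader hunk places its restore before its `schemaValidateSource()` block in the same way and would benefit from the same comment. parseFile continues outside the hunk.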
