LSN-2014-0003: Don't expand entities when parsing XML

If the XML_PARSE_NOENT flag is passed to libxml2, then any entities in the input document will be fully expanded. This allows the user to read arbitrary files on the host machine by creating an entity pointing to a local file. Removing the XML_PARSE_NOENT flag means that any entities are left unchanged by the parser, or expanded to "" by the XPath APIs. Signed-off-by: N Daniel P. Berrange <berrange@redhat.com> (cherry picked from commit d6b27d3e)

LSN-2014-0003: Don't expand entities when parsing XML
If the XML_PARSE_NOENT flag is passed to libxml2, then any entities in the input document will be fully expanded. This allows the user to read arbitrary files on the host machine by creating an entity pointing to a local file. Removing the XML_PARSE_NOENT flag means that any entities are left unchanged by the parser, or expanded to "" by the XPath APIs. Signed-off-by: N Daniel P. Berrange <berrange@redhat.com> (cherry picked from commit d6b27d3e)
ab07ebeb · Daniel P. Berrange · 58721291 · ab07ebeb
隐藏空白更改
内联并排

Showing with 2 addition and 2 deletion

src/util/virxml.c src/util/virxml.c +2 -2

未找到文件。
--- a/src/util/virxml.c
+++ b/src/util/virxml.c
@@ -746,11 +746,11 @@ virXMLParseHelper(int domcode,

    if (filename) {
        xml = xmlCtxtReadFile(pctxt, filename, NULL,
-                              XML_PARSE_NOENT | XML_PARSE_NONET |
+                              XML_PARSE_NONET |
                              XML_PARSE_NOWARNING);
    } else {
        xml = xmlCtxtReadDoc(pctxt, BAD_CAST xmlStr, url, NULL,
-                             XML_PARSE_NOENT | XML_PARSE_NONET |
+                             XML_PARSE_NONET |
                             XML_PARSE_NOWARNING);
    }
    if (!xml)