rpms / libvirt

Clone
Source Code
GIT

Blame SOURCES/libvirt-LSN-2014-0003-Don-t-expand-entities-when-parsing-XML.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale
  1.   4fec1bf2c43bdacf4ea13e04f4a222de53798958
  2.   SOURCES
  3.   libvirt-LSN-2014-0003-Don-t-expand-entities-when-parsing-XML.patch
Blob History Raw
4fec1b 
From 4243ecb180e5236351d671a16201816721ee8fd2 Mon Sep 17 00:00:00 2001
4fec1b 
Message-Id: <4243ecb180e5236351d671a16201816721ee8fd2@dist-git>
4fec1b 
From: "Daniel P. Berrange" <berrange@redhat.com>
4fec1b 
Date: Tue, 6 May 2014 15:18:22 +0100
4fec1b 
Subject: [PATCH] LSN-2014-0003: Don't expand entities when parsing XML
4fec1b
4fec1b 
For CVE-2014-0179.
4fec1b
4fec1b 
If the XML_PARSE_NOENT flag is passed to libxml2, then any
4fec1b 
entities in the input document will be fully expanded. This
4fec1b 
allows the user to read arbitrary files on the host machine
4fec1b 
by creating an entity pointing to a local file. Removing
4fec1b 
the XML_PARSE_NOENT flag means that any entities are left
4fec1b 
unchanged by the parser, or expanded to "" by the XPath
4fec1b 
APIs.
4fec1b
4fec1b 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
4fec1b 
(cherry picked from commit d6b27d3e4c40946efa79e91d134616b41b1666c4)
4fec1b 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
4fec1b 
---
4fec1b 
 src/util/virxml.c | 4 ++--
4fec1b 
 1 file changed, 2 insertions(+), 2 deletions(-)
4fec1b
4fec1b 
diff --git a/src/util/virxml.c b/src/util/virxml.c
4fec1b 
index f652ee0..4769569 100644
4fec1b 
--- a/src/util/virxml.c
4fec1b 
+++ b/src/util/virxml.c
4fec1b 
@@ -746,11 +746,11 @@ virXMLParseHelper(int domcode,
4fec1b
4fec1b 
     if (filename) {
4fec1b 
         xml = xmlCtxtReadFile(pctxt, filename, NULL,
4fec1b 
-                              XML_PARSE_NOENT | XML_PARSE_NONET |
4fec1b 
+                              XML_PARSE_NONET |
4fec1b 
                               XML_PARSE_NOWARNING);
4fec1b 
     } else {
4fec1b 
         xml = xmlCtxtReadDoc(pctxt, BAD_CAST xmlStr, url, NULL,
4fec1b 
-                             XML_PARSE_NOENT | XML_PARSE_NONET |
4fec1b 
+                             XML_PARSE_NONET |
4fec1b 
                              XML_PARSE_NOWARNING);
4fec1b 
     }
4fec1b 
     if (!xml)
4fec1b 
--
4fec1b 
2.0.0
4fec1b

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation