SECURITY: Always expand xml entities when checking SVGs
author    csteipp <csteipp@wikimedia.org>
          Wed, 4 Feb 2015 01:45:05 +0000 (17:45 -0800)
committer csteipp <csteipp@wikimedia.org>
          Wed, 1 Apr 2015 16:56:20 +0000 (09:56 -0700)
commit    b7ee3aca3877519a823b836de8fb2437187fcaa4
tree      21b3b1c6bbdaf1f50d50776bd5f08965609da7e6
parent    125ed0e5ff6bff50140eb2b844443c0389d5e583
SECURITY: Always expand xml entities when checking SVGs

XmlTypeCheck's use of xml_parse for filtering SVGs sometimes left xml
entities unexpanded, which can lead to false negatives when the
callback was used for filtering. Update XmlTypeCheck to use XMLReader
instead, tell the library to fully expand entities, and rely on the
library to error out if it encounters XML that is likely to cause a DoS
if parsed.

Bug: T88310
Change-Id: I77c77a2d6d22f549e7ef969811f7edd77a45dbba
includes/libs/XmlTypeCheck.php
tests/phpunit/includes/libs/XmlTypeCheckTest.php
tests/phpunit/includes/upload/UploadBaseTest.php
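The XMLReader approach the commit message describes, as an added example that is not the repository's XmlTypeCheck.php: entities are expanded before the filter callback inspects the markup, external entity loads are refused, and the file is rejected whenever libxml logs an error (which is how its entity-loop and expansion limits surface). `svgPassesCheck`, `$filter` and the sample document are constructed for this illustration and assume PHP 7.4+ with the xmlreader extension.

```php
<?php
// Added example, not MediaWiki's XmlTypeCheck: parse with XMLReader, expand
// entities before the filter callback inspects markup, and fail closed on
// any libxml error (entity loops and expansion limits included). $filter is
// a hypothetical callback ($elementName, $attributes) -> bool, true = reject.
function svgPassesCheck(string $xml, callable $filter): bool
{
    $prevErrors = libxml_use_internal_errors(true);
    libxml_clear_errors();
    // Refuse every external entity/DTD fetch, file:// included: returning
    // null makes libxml log a load error, which is treated as rejection.
    libxml_set_external_entity_loader(fn($public, $system, $ctx) => null);
    $reader = new XMLReader();
    $rejected = true;
    if ($reader->XML($xml, 'UTF-8', LIBXML_NONET)) {
        // Substitute entity references so the callback sees the expanded
        // content instead of an opaque &name; node.
        $reader->setParserProperty(XMLReader::SUBST_ENTITIES, true);
        $reader->setParserProperty(XMLReader::LOADDTD, true);
        $rejected = false;
        while (!$rejected && $reader->read()) {
            if ($reader->nodeType !== XMLReader::ELEMENT) { continue; }
            $name = $reader->name;
            $attrs = [];
            while ($reader->moveToNextAttribute()) {
                $attrs[$reader->name] = $reader->value;
            }
            $reader->moveToElement();
            $rejected = (bool) $filter($name, $attrs);
        }
        $reader->close();
    }
    // read() returns false both at end of input and on error, so consult
    // the error log: anything logged means the file was not fully examined.
    $errors = libxml_get_errors();
    libxml_clear_errors();
    libxml_use_internal_errors($prevErrors);
    libxml_set_external_entity_loader(null);
    return !$rejected && $errors === [];
}

// Hypothetical filter: reject <script> elements and on* event attributes.
$filter = fn(string $name, array $attrs): bool =>
    strtolower($name) === 'script' || !empty(preg_grep('/^on/i', array_keys($attrs)));
// Constructed sample: the <script> element is hidden inside an internal
// entity, which a parser that leaves entities unexpanded would never see.
$sample = '<?xml version="1.0"?><!DOCTYPE svg [<!ENTITY e "<script/>">]>'
    . '<svg xmlns="http://www.w3.org/2000/svg">&e;</svg>';
var_dump(svgPassesCheck($sample, $filter));
```

Treating warnings as well as errors as grounds for rejection is deliberate: a check that cannot account for every byte of the document should not vouch for it.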