ruby-changes:7512
From: shugo <ko1@a...>
Date: Mon, 1 Sep 2008 22:41:59 +0900 (JST)
Subject: [ruby-changes:7512] Ruby:r19033 (trunk): * lib/rexml/document.rb: limit entity expansion.
shugo 2008-09-01 22:41:38 +0900 (Mon, 01 Sep 2008) New Revision: 19033 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=19033 Log: * lib/rexml/document.rb: limit entity expansion. * lib/rexml/entity.rb: ditto. * test/rexml/test_document.rb: ditto. Added directories: trunk/test/rexml/ Added files: trunk/test/rexml/test_document.rb Modified files: trunk/ChangeLog trunk/lib/rexml/document.rb trunk/lib/rexml/entity.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 19032) +++ ChangeLog (revision 19033) @@ -1,3 +1,11 @@ +Mon Sep 1 22:37:06 2008 Shugo Maeda <shugo@r...> + + * lib/rexml/document.rb: limit entity expansion. + + * lib/rexml/entity.rb: ditto. + + * test/rexml/test_document.rb: ditto. + Mon Sep 1 22:20:22 2008 Tanaka Akira <akr@f...> * tool/transcode-tblgen.rb: make offsets arrays into single array. Index: lib/rexml/document.rb =================================================================== --- lib/rexml/document.rb (revision 19032) +++ lib/rexml/document.rb (revision 19033) @@ -32,6 +32,7 @@ # @param context if supplied, contains the context of the document; # this should be a Hash. def initialize( source = nil, context = {} ) + @entity_expansion_count = 0 super() @context = context return if source.nil? @@ -200,6 +201,27 @@ Parsers::StreamParser.new( source, listener ).parse end + @@entity_expansion_limit = 10_000 + + # Set the entity expansion limit. By defualt the limit is set to 10000. + def Document::entity_expansion_limit=( val ) + @@entity_expansion_limit = val + end + + # Get the entity expansion limit. By defualt the limit is set to 10000. + def Document::entity_expansion_limit + return @@entity_expansion_limit + end + + attr_reader :entity_expansion_count + + def record_entity_expansion + @entity_expansion_count += 1 + if @entity_expansion_count > @@entity_expansion_limit + raise "number of entity expansions exceeded, processing aborted." + end + end + private def build( source ) Parsers::TreeParser.new( source, self ).parse Index: lib/rexml/entity.rb =================================================================== --- lib/rexml/entity.rb (revision 19032) +++ lib/rexml/entity.rb (revision 19033) @@ -73,6 +73,7 @@ # all entities -- both %ent; and &ent; entities. This differs from # +value()+ in that +value+ only replaces %ent; entities. def unnormalized + document.record_entity_expansion v = value() return nil if v.nil? @unnormalized = Text::unnormalize(v, parent) Index: test/rexml/test_document.rb =================================================================== --- test/rexml/test_document.rb (revision 0) +++ test/rexml/test_document.rb (revision 19033) @@ -0,0 +1,83 @@ +require "rexml/document" +require "test/unit" + +class REXML::TestDocument < Test::Unit::TestCase + def test_new + doc = REXML::Document.new(<<EOF) +<?xml version="1.0" encoding="UTF-8"?> +<message>Hello world!</message> +EOF + assert_equal("Hello world!", doc.root.children.first.value) + end + + def test_entity_expansion_limit + xml = <<EOF +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE member [ + <!ENTITY a "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;"> + <!ENTITY b "&c;&c;&c;&c;&c;&c;&c;&c;&c;&c;"> + <!ENTITY c "&d;&d;&d;&d;&d;&d;&d;&d;&d;&d;"> + <!ENTITY d "&e;&e;&e;&e;&e;&e;&e;&e;&e;&e;"> + <!ENTITY e "&f;&f;&f;&f;&f;&f;&f;&f;&f;&f;"> + <!ENTITY f "&g;&g;&g;&g;&g;&g;&g;&g;&g;&g;"> + <!ENTITY g "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"> +]> +<member> +&a; +</member> +EOF + doc = REXML::Document.new(xml) + assert_raise(RuntimeError) do + doc.root.children.first.value + end + REXML::Document.entity_expansion_limit = 100 + assert_equal(100, REXML::Document.entity_expansion_limit) + doc = REXML::Document.new(xml) + assert_raise(RuntimeError) do + doc.root.children.first.value + end + assert_equal(101, doc.entity_expansion_count) + end +end +require "rexml/document" +require "test/unit" + +class REXML::TestDocument < Test::Unit::TestCase + def test_new + doc = REXML::Document.new(<<EOF) +<?xml version="1.0" encoding="UTF-8"?> +<message>Hello world!</message> +EOF + assert_equal("Hello world!", doc.root.children.first.value) + end + + XML_WITH_NESTED_ENTITY = <<EOF +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE member [ + <!ENTITY a "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;"> + <!ENTITY b "&c;&c;&c;&c;&c;&c;&c;&c;&c;&c;"> + <!ENTITY c "&d;&d;&d;&d;&d;&d;&d;&d;&d;&d;"> + <!ENTITY d "&e;&e;&e;&e;&e;&e;&e;&e;&e;&e;"> + <!ENTITY e "&f;&f;&f;&f;&f;&f;&f;&f;&f;&f;"> + <!ENTITY f "&g;&g;&g;&g;&g;&g;&g;&g;&g;&g;"> + <!ENTITY g "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"> +]> +<member> +&a; +</member> +EOF + + def test_entity_expansion_limit + doc = REXML::Document.new(XML_WITH_NESTED_ENTITY) + assert_raise(RuntimeError) do + doc.root.children.first.value + end + REXML::Document.entity_expansion_limit = 100 + assert_equal(100, REXML::Document.entity_expansion_limit) + doc = REXML::Document.new(XML_WITH_NESTED_ENTITY) + assert_raise(RuntimeError) do + doc.root.children.first.value + end + assert_equal(101, doc.entity_expansion_count) + end +end -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/