diff --git a/ChangeLog b/ChangeLog
index 39442a7717..3f22b12f04 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+Wed Feb 27 21:14:34 2013 Kouhei Sutou
+
+	* lib/rexml/security.rb (REXML::Security): create.
+	* lib/rexml/rexml.rb: move entity_expansion_limit and
+	  entity_expansion_text_limit accessors to ...
+	* lib/rexml/security.rb: ... here.
+	* lib/rexml/document.rb: use REXML::Security.
+	* lib/rexml/text.rb: use REXML::Security.
+	* test/rexml/test_document.rb: use REXML::Security.
+
 Wed Feb 27 19:53:32 2013 Benoit Daloze
 
 	* vm.c (Thread): fix typos in overview
diff --git a/lib/rexml/document.rb b/lib/rexml/document.rb
index 1c67da8718..4b73696930 100644
--- a/lib/rexml/document.rb
+++ b/lib/rexml/document.rb
@@ -1,3 +1,4 @@
+require "rexml/security"
 require "rexml/element"
 require "rexml/xmldecl"
 require "rexml/source"
@@ -245,37 +246,37 @@ module REXML
     # Set the entity expansion limit. By default the limit is set to 10000.
     #
-    # Deprecated. Use REXML.entity_expansion_limit= instead.
+    # Deprecated. Use REXML::Security.entity_expansion_limit= instead.
     def Document::entity_expansion_limit=( val )
-      REXML.entity_expansion_limit = val
+      Security.entity_expansion_limit = val
     end
 
     # Get the entity expansion limit. By default the limit is set to 10000.
     #
-    # Deprecated. Use REXML.entity_expansion_limit= instead.
+    # Deprecated. Use REXML::Security.entity_expansion_limit= instead.
     def Document::entity_expansion_limit
-      return REXML.entity_expansion_limit
+      return Security.entity_expansion_limit
     end
 
     # Set the entity expansion limit. By default the limit is set to 10240.
     #
-    # Deprecated. Use REXML.entity_expansion_text_limit= instead.
+    # Deprecated. Use REXML::Security.entity_expansion_text_limit= instead.
     def Document::entity_expansion_text_limit=( val )
-      REXML.entity_expansion_text_limit = val
+      Security.entity_expansion_text_limit = val
     end
 
     # Get the entity expansion limit. By default the limit is set to 10240.
     #
-    # Deprecated. Use REXML.entity_expansion_text_limit instead.
+    # Deprecated. Use REXML::Security.entity_expansion_text_limit instead.
     def Document::entity_expansion_text_limit
-      return REXML.entity_expansion_text_limit
+      return Security.entity_expansion_text_limit
     end
 
     attr_reader :entity_expansion_count
 
     def record_entity_expansion
       @entity_expansion_count += 1
-      if @entity_expansion_count > REXML.entity_expansion_limit
+      if @entity_expansion_count > Security.entity_expansion_limit
         raise "number of entity expansions exceeded, processing aborted."
       end
     end
diff --git a/lib/rexml/rexml.rb b/lib/rexml/rexml.rb
index 472fadb7ee..f89951171a 100644
--- a/lib/rexml/rexml.rb
+++ b/lib/rexml/rexml.rb
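Review bot: The four `Document::entity_expansion_*` wrappers in this hunk are documented as deprecated but still delegate silently, and their previous deprecation text pointed callers at `REXML.entity_expansion_limit=`, which this same commit deletes from lib/rexml/rexml.rb — so code that followed the old advice now fails with NoMethodError, while code still using the Document form gets no signal to migrate. Consider emitting a warning from each wrapper, e.g. `warn "REXML::Document.entity_expansion_limit= is deprecated; use REXML::Security.entity_expansion_limit="` before the delegation, and keeping thin `REXML.entity_expansion_limit` / `REXML.entity_expansion_limit=` delegators to `Security` for one release so the earlier deprecation path does not break. `record_entity_expansion` at the end of the hunk now compares against `Security.entity_expansion_limit` on every expansion; a comment such as `# process-global limit shared by all documents, see REXML::Security` would tell readers the bound is not per-document.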
@@ -28,28 +28,4 @@ module REXML
 
   Copyright = COPYRIGHT
   Version = VERSION
-
-  @@entity_expansion_limit = 10_000
-
-  # Set the entity expansion limit. By default the limit is set to 10000.
-  def self.entity_expansion_limit=( val )
-    @@entity_expansion_limit = val
-  end
-
-  # Get the entity expansion limit. By default the limit is set to 10000.
-  def self.entity_expansion_limit
-    return @@entity_expansion_limit
-  end
-
-  @@entity_expansion_text_limit = 10_240
-
-  # Set the entity expansion limit. By default the limit is set to 10240.
-  def self.entity_expansion_text_limit=( val )
-    @@entity_expansion_text_limit = val
-  end
-
-  # Get the entity expansion limit. By default the limit is set to 10240.
-  def self.entity_expansion_text_limit
-    return @@entity_expansion_text_limit
-  end
 end
diff --git a/lib/rexml/security.rb b/lib/rexml/security.rb
new file mode 100644
index 0000000000..593b652dc6
--- /dev/null
+++ b/lib/rexml/security.rb
@@ -0,0 +1,27 @@
+module REXML
+  module Security
+    @@entity_expansion_limit = 10_000
+
+    # Set the entity expansion limit. By default the limit is set to 10000.
+    def self.entity_expansion_limit=( val )
+      @@entity_expansion_limit = val
+    end
+
+    # Get the entity expansion limit. By default the limit is set to 10000.
+    def self.entity_expansion_limit
+      return @@entity_expansion_limit
+    end
+
+    @@entity_expansion_text_limit = 10_240
+
+    # Set the entity expansion limit. By default the limit is set to 10240.
+    def self.entity_expansion_text_limit=( val )
+      @@entity_expansion_text_limit = val
+    end
+
+    # Get the entity expansion limit. By default the limit is set to 10240.
+    def self.entity_expansion_text_limit
+      return @@entity_expansion_text_limit
+    end
+  end
+end
diff --git a/lib/rexml/text.rb b/lib/rexml/text.rb
index 7b00b0f104..6624e2a91e 100644
--- a/lib/rexml/text.rb
+++ b/lib/rexml/text.rb
@@ -1,4 +1,4 @@
-require 'rexml/rexml'
+require 'rexml/security'
 require 'rexml/entity'
 require 'rexml/doctype'
 require 'rexml/child'
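Review bot: `Security.entity_expansion_limit=` and `Security.entity_expansion_text_limit=` in the new lib/rexml/security.rb store whatever they are handed, so a `nil` or a string only surfaces later as an `ArgumentError` from the `>` comparison inside `Document#record_entity_expansion` mid-parse, and nothing stops a caller from handing in an unbounded value; these two knobs are the whole entity-expansion (billion-laughs) defence, so bad input should be rejected at configuration time with `Integer(val)` plus a non-negative check. The comment above `entity_expansion_text_limit=` and its getter is a copy-paste of the count-limit comment ("Set the entity expansion limit") and should read "entity expansion text limit"; since the module is new, a module comment such as `# Process-wide limits on entity expansion (count and expanded bytes) shared by every Document; they mitigate entity-expansion DoS.` would also help. The `@@` class variables are shared across the whole process, which is the intended scope here but worth stating in that comment. Suggested setters:
```ruby
    # Set the entity expansion limit. By default the limit is set to 10000.
    # Raises ArgumentError/TypeError for non-integer or negative values.
    def self.entity_expansion_limit=( val )
      limit = Integer(val)
      raise ArgumentError, "entity expansion limit must not be negative" if limit < 0
      @@entity_expansion_limit = limit
    end

    # … unchanged: entity_expansion_limit getter, @@entity_expansion_text_limit default …

    # Set the entity expansion text limit. By default the limit is set to 10240.
    # Raises ArgumentError/TypeError for non-integer or negative values.
    def self.entity_expansion_text_limit=( val )
      limit = Integer(val)
      raise ArgumentError, "entity expansion text limit must not be negative" if limit < 0
      @@entity_expansion_text_limit = limit
    end
```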
@@ -384,7 +384,7 @@ module REXML
       sum = 0
       string.gsub( /\r\n?/, "\n" ).gsub( REFERENCE ) {
         s = Text.expand($&, doctype, filter)
-        if sum + s.bytesize > REXML.entity_expansion_text_limit
+        if sum + s.bytesize > Security.entity_expansion_text_limit
           raise "entity expansion has grown too large"
         else
           sum += s.bytesize
diff --git a/test/rexml/test_document.rb b/test/rexml/test_document.rb
index 3ef584c290..cec9452373 100644
--- a/test/rexml/test_document.rb
+++ b/test/rexml/test_document.rb
@@ -65,24 +65,24 @@ EOF
     assert_raise(RuntimeError) do
       doc.root.children.first.value
     end
-    REXML::Document.entity_expansion_limit = 100
-    assert_equal(100, REXML::Document.entity_expansion_limit)
+    REXML::Security.entity_expansion_limit = 100
+    assert_equal(100, REXML::Security.entity_expansion_limit)
     doc = REXML::Document.new(XML_WITH_NESTED_ENTITY)
     assert_raise(RuntimeError) do
       doc.root.children.first.value
     end
     assert_equal(101, doc.entity_expansion_count)
-    REXML::Document.entity_expansion_limit = 4
+    REXML::Security.entity_expansion_limit = 4
     doc = REXML::Document.new(XML_WITH_4_ENTITY_EXPANSION)
     assert_equal("\na\na a\n<\n", doc.root.children.first.value)
-    REXML::Document.entity_expansion_limit = 3
+    REXML::Security.entity_expansion_limit = 3
     doc = REXML::Document.new(XML_WITH_4_ENTITY_EXPANSION)
     assert_raise(RuntimeError) do
       doc.root.children.first.value
     end
   ensure
-    REXML::Document.entity_expansion_limit = 10000
+    REXML::Security.entity_expansion_limit = 10000
   end
   def test_tag_in_cdata_with_not_ascii_only_but_ascii8bit_encoding_source
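Review bot: The byte budget checked on the changed line is per call, not per document: `sum` is reset to 0 at the top of the hunk, so `Security.entity_expansion_text_limit` bounds the expanded text of one `unnormalize` call, and the only document-wide bound is the expansion counter in `Document#record_entity_expansion` (assuming, as that counter suggests, that every expansion is counted). Anyone tuning these limits would want that spelled out, e.g. `# sum is per call; the document-wide bound comes from entity_expansion_limit` above the `if`. The check also runs after `Text.expand` has already built `s`, so a single reference's expansion is fully materialized before it is rejected — whether `expand` is itself bounded is not visible from this hunk. The enclosing method starts and ends outside this hunk.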
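Review bot: The `ensure` clause at the end of the hunk restores `REXML::Security.entity_expansion_limit` to a hardcoded 10000 rather than to the value in effect before the test; because the limit is a process-global class variable shared by every Document, any limit configured elsewhere in the suite is silently overwritten. Capture it before the first assignment and restore that instead, e.g. `saved = REXML::Security.entity_expansion_limit` at the start of the method and `REXML::Security.entity_expansion_limit = saved` in `ensure`. Nothing in this hunk exercises `entity_expansion_text_limit` or the behaviour when an invalid (nil, string, negative) limit is set, so the new module's second knob and its error path have no coverage. The test method begins outside this hunk.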