Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
xmltooling.6778
xmltooling-1.5.6-CVE-2018-0486.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File xmltooling-1.5.6-CVE-2018-0486.patch of Package xmltooling.6778
From a02314e96d6746d29c5697b504d37f2e04a6e6cd Mon Sep 17 00:00:00 2001 From: Scott Cantor <cantor.2@osu.edu> Date: Wed, 10 Jan 2018 12:20:07 -0500 Subject: [PATCH] CPPXT-127 - Block entity reference nodes during unmarshalling. https://issues.shibboleth.net/jira/browse/CPPXT-127 --- xmltooling/io/AbstractXMLObjectUnmarshaller.cpp | 2 ++ 1 file changed, 2 insertions(+) diff --git a/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp b/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp index ae2709e..487348e 100644 --- a/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp +++ b/xmltooling/io/AbstractXMLObjectUnmarshaller.cpp @@ -206,6 +206,8 @@ void AbstractXMLObjectUnmarshaller::unmarshallContent(const DOMElement* domEleme else if (childNode->getNodeType() == DOMNode::TEXT_NODE || childNode->getNodeType() == DOMNode::CDATA_SECTION_NODE) { m_log.debug("processing text content at position (%d)", position); setTextContent(childNode->getNodeValue(), position); + } else if (childNode->getNodeType() == DOMNode::ENTITY_REFERENCE_NODE || childNode->getNodeType() == DOMNode::ENTITY_NODE) { + throw UnmarshallingException("Unmarshaller found Entity/Reference node."); } childNode = childNode->getNextSibling(); -- 1.8.3.1
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor