File feedparser-issue254-CVE-2011-1157.patch of Package python-feedparser
Index: feedparser-4.1/tests/wellformed/sanitize/xml_malicious_comment.xml =================================================================== --- /dev/null +++ feedparser-4.1/tests/wellformed/sanitize/xml_malicious_comment.xml @@ -0,0 +1,7 @@ +<!-- +Description: malicious comment +Expect: not bozo and feed['title'] == u'safe' +--> +<feed xmlns="http://www.w3.org/2005/Atom"> + <title type="html">sa<!-- -- nonwhitespace >fe<script>alert(1);</script></title> +</feed> Index: feedparser-4.1/tests/wellformed/sanitize/xml_unclosed_comment.xml =================================================================== --- /dev/null +++ feedparser-4.1/tests/wellformed/sanitize/xml_unclosed_comment.xml @@ -0,0 +1,7 @@ +<!-- +Description: unclosed comment +Expect: not bozo and feed['title'] == u'safe' +--> +<feed xmlns="http://www.w3.org/2005/Atom"> + <title type="html">safe<!--</title> +</feed> Index: feedparser-4.1/feedparser.py =================================================================== --- feedparser-4.1.orig/feedparser.py +++ feedparser-4.1/feedparser.py @@ -1657,6 +1657,19 @@ class _HTMLSanitizer(_BaseHTMLProcessor) if not self.unacceptablestack: _BaseHTMLProcessor.handle_data(self, text) + def parse_comment(self, i, report=1): + ret = _BaseHTMLProcessor.parse_comment(self, i, report) + if ret >= 0: + return ret + # if ret == -1, this may be a malicious attempt to circumvent + # sanitization, or a page-destroying unclosed comment + match = re.compile(r'--[^>]*>').search(self.rawdata, i+4) + if match: + return match.end() + # unclosed comment; deliberately fail to handle_data() + return len(self.rawdata) + + def _sanitizeHTML(htmlSource, encoding): p = _HTMLSanitizer(encoding) htmlSource = htmlSource.replace('<![CDATA[', '<![CDATA[')
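Review bot: the Description line of xml_malicious_comment.xml says only "malicious comment"; spell out what makes it malicious so the test explains itself, e.g. "comment terminated with `-- nonwhitespace >` instead of `-->`, so the base parser's close-comment check fails and the trailing <script> must still be stripped". The Expect line `feed['title'] == u'safe'` is the right assertion: it proves both that the comment body was consumed up to the bogus terminator and that the script element after it went through the sanitizer rather than being emitted raw.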
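Review bot: xml_unclosed_comment.xml passes only because the fallback in parse_comment discards everything from `<!--` to the end of the sanitizer's input, including the `</title>` that follows; a one-line note in the Description (e.g. "unclosed comment: everything after <!-- is dropped") would make that intent clear to whoever later wonders why the expected title is u'safe' and not the rest of the element. Since the XML itself is still well formed (the sanitizer runs on the html-typed title content, not on the feed document), `not bozo` is a valid part of the expectation.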
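Review bot: in the feedparser.py hunk the guard `if ret >= 0:` treats every negative return as the incomplete-comment case, while the comment directly below it says `# if ret == -1`; align the two (check `ret == -1`, or reword the comment) so that a future change in the base class's return values is not silently swallowed. Two smaller points: `re.compile(r'--[^>]*>')` is recompiled on every comment, so hoist it to a module-level pattern next to the others; and when the fallback match is taken, `handle_comment` is never called even though `report` is passed through, so the comment body is dropped rather than reported, which is the safe choice but deserves a word in the comment. Note also that `--[^>]*>` will match a `--` inside an ordinary comment body (e.g. `<!-- a -- b > c -->`), ending the comment at `b >` and feeding ` c -->` back through the normal sanitizer as text; that fails safe, since the text is still sanitized, but it is a visible behaviour change from the stock parser and worth a test of its own.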