From c3252406b334f83d0f2c03c58cee8a8697fc5c16 Mon Sep 17 00:00:00 2001 From: Byron Jones Date: Mon, 13 Apr 2015 14:16:06 +0800 Subject: Bug 1031035: xmlrpc can be DoS'd with billion laughs attack r=LpSolit,a=glob --- Bugzilla/WebService/Server/XMLRPC.pm | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'Bugzilla/WebService') diff --git a/Bugzilla/WebService/Server/XMLRPC.pm b/Bugzilla/WebService/Server/XMLRPC.pm index f3d95ef3d..03d93b597 100644 --- a/Bugzilla/WebService/Server/XMLRPC.pm +++ b/Bugzilla/WebService/Server/XMLRPC.pm @@ -134,6 +134,14 @@ use Bugzilla::WebService::Constants qw(XMLRPC_CONTENT_TYPE_WHITELIST); use Bugzilla::WebService::Util qw(fix_credentials); use Scalar::Util qw(tainted); +sub new { + my $self = shift->SUPER::new(@_); + # Initialise XML::Parser to not expand references to entities, to prevent DoS + require XML::Parser; + $self->{_parser}->parser(parser => XML::Parser->new( NoExpand => 1, Handlers => { Default => sub {} } )); + return $self; +} + sub deserialize { my $self = shift; -- cgit v1.2.3-24-g4f1b