packages/expat
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
expat/backport-CVE-2024-28757-004.patch
caixiaomeng 82bfddc8b5 fix cve-2024-28757 and cve-2023-52426
2024-04-08 12:39:10 +08:00

76 lines
2.4 KiB
Diff
Raw Permalink Blame History

From cce551e4e1f75b8a3e8dd087bfd6685a2c431cd0 Mon Sep 17 00:00:00 2001
From: caixiaomeng 00662745 <caixiaomeng2@huawei.com>
Date: Thu, 21 Mar 2024 20:40:48 +0800
Subject: [PATCH] tests-Cover-rejection-of-direct-parameter-entity-rec
---
tests/runtests.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 44 insertions(+)
diff --git a/tests/runtests.c b/tests/runtests.c
index 1d83237..03350f4 100644
--- a/tests/runtests.c
+++ b/tests/runtests.c
@@ -12147,6 +12147,48 @@ START_TEST(test_amplification_isolated_external_parser) {
}
END_TEST
+START_TEST(test_recursive_external_parameter_entity_2) {
+ struct TestCase {
+ const char *doc;
+ enum XML_Status expectedStatus;
+ };
+
+ struct TestCase cases[] = {
+ {"<!ENTITY % p1 '%p1;'>", XML_STATUS_ERROR},
+ {"<!ENTITY % p1 '%p1;'>"
+ "<!ENTITY % p1 'first declaration wins'>",
+ XML_STATUS_ERROR},
+ {"<!ENTITY % p1 'first declaration wins'>"
+ "<!ENTITY % p1 '%p1;'>",
+ XML_STATUS_OK},
+ {"<!ENTITY % p1 '&#37;p1;'>", XML_STATUS_OK},
+ };
+
+ for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
+ const char *const doc = cases[i].doc;
+ const enum XML_Status expectedStatus = cases[i].expectedStatus;
+
+ XML_Parser parser = XML_ParserCreate(NULL);
+ assert(parser != NULL);
+
+ XML_Parser ext_parser = XML_ExternalEntityParserCreate(parser, NULL, NULL);
+ assert(ext_parser != NULL);
+
+ const enum XML_Status actualStatus
+ = _XML_Parse_SINGLE_BYTES(ext_parser, doc, (int)strlen(doc), XML_TRUE);
+
+ assert(actualStatus == expectedStatus);
+ if (actualStatus != XML_STATUS_OK) {
+ assert(XML_GetErrorCode(ext_parser)
+ == XML_ERROR_RECURSIVE_ENTITY_REF);
+ }
+
+ XML_ParserFree(ext_parser);
+ XML_ParserFree(parser);
+ }
+}
+END_TEST
+
static Suite *
make_suite(void) {
Suite *s = suite_create("basic");
@@ -12389,6 +12431,8 @@ make_suite(void) {
tcase_add_test(tc_basic, test_empty_element_abort);
tcase_add_test__ifdef_xml_dtd(tc_basic,
test_amplification_isolated_external_parser);
+ tcase_add_test__ifdef_xml_dtd(tc_basic,
+ test_recursive_external_parameter_entity_2);
tcase_add_test__ifdef_xml_dtd(tc_basic,
test_pool_integrity_with_unfinished_attr);
tcase_add_test(tc_basic, test_nested_entity_suspend);
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink