* xml.el: Protect parser against XML bombs.

(xml-entity-expansion-limit): New variable. (xml-parse-string, xml-substitute-special): Use it. (xml-parse-dtd): Avoid infloop if the DTD is not terminated. * test/automated/xml-parse-tests.el: Update testcases.
author: Chong Yidong 2012-07-03 13:28:42 +0800
committer: Chong Yidong 2012-07-03 13:28:42 +0800
commit: a76e6535dc91d65de27f194861a5aa21e9b26365 (patch)
tree: 0ab4f191fd1a5e6ed1e2582be7f86aa57638440b /test
parent: 36429c89cbd7282a7614a358e5edb4d37f4a3f47 (diff)
download: emacs-a76e6535dc91d65de27f194861a5aa21e9b26365.tar.gz
emacs-a76e6535dc91d65de27f194861a5aa21e9b26365.zip
2 files changed, 21 insertions, 2 deletions
diff --git a/test/ChangeLog b/test/ChangeLog
index 3ff7124893a..1e77f972965 100644
--- a/test/ChangeLog
+++ b/test/ChangeLog
@@ -1,3 +1,7 @@
+2012-07-03  Chong Yidong  <cyd@gnu.org>
+        * automated/xml-parse-tests.el (xml-parse-tests--bad-data): New.
 2012-07-02  Chong Yidong  <cyd@gnu.org>
        * automated/xml-parse-tests.el (xml-parse-tests--data): More
diff --git a/test/automated/xml-parse-tests.el b/test/automated/xml-parse-tests.el
index ec3d7ca3065..ada9bbd4074 100644
--- a/test/automated/xml-parse-tests.el
+++ b/test/automated/xml-parse-tests.el
@@ -55,14 +55,29 @@
    ("<foo>&#38;amp;</foo>" . ((foo () "&amp;"))))
  "Alist of XML strings and their expected parse trees.")
+(defvar xml-parse-tests--bad-data
+  '(;; XML bomb in content
+    "<!DOCTYPE foo [<!ENTITY lol \"lol\"><!ENTITY lol1 \"&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;\"><!ENTITY lol2 \"&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;\">]><foo>&lol2;</foo>"
+    ;; XML bomb in attribute value
+    "<!DOCTYPE foo [<!ENTITY lol \"lol\"><!ENTITY lol1 \"&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;\"><!ENTITY lol2 \"&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;\">]><foo a=\"&lol2;\">!</foo>"
+    ;; Non-terminating DTD
+    "<!DOCTYPE foo [ <!ENTITY b \"B\"><!ENTITY abc \"a&b;c\">"
+    "<!DOCTYPE foo [ <!ENTITY b \"B\"><!ENTITY abc \"a&b;c\">asdf"
+    "<!DOCTYPE foo [ <!ENTITY b \"B\"><!ENTITY abc \"a&b;c\">asdf&abc;")
+  "List of XML strings that should signal an error in the parser")
 (ert-deftest xml-parse-tests ()
  "Test XML parsing."
  (with-temp-buffer
    (dolist (test xml-parse-tests--data)
      (erase-buffer)
      (insert (car test))
-      (should (equal (cdr test)
+      (should (equal (cdr test) (xml-parse-region))))
-                     (xml-parse-region (point-min) (point-max)))))))
+    (let ((xml-entity-expansion-limit 50))
+      (dolist (test xml-parse-tests--bad-data)
+        (erase-buffer)
+        (insert test)
+        (should-error (xml-parse-region))))))
 ;; Local Variables:
 ;; no-byte-compile: t
author	Chong Yidong	2012-07-03 13:28:42 +0800
committer	Chong Yidong	2012-07-03 13:28:42 +0800
commit	a76e6535dc91d65de27f194861a5aa21e9b26365 (patch)
tree	0ab4f191fd1a5e6ed1e2582be7f86aa57638440b /test
parent	36429c89cbd7282a7614a358e5edb4d37f4a3f47 (diff)
download	emacs-a76e6535dc91d65de27f194861a5aa21e9b26365.tar.gz emacs-a76e6535dc91d65de27f194861a5aa21e9b26365.zip

diff --git a/test/ChangeLog b/test/ChangeLog index 3ff7124893a..1e77f972965 100644 --- a/test/ChangeLog +++ b/test/ChangeLog
@@ -1,3 +1,7 @@
		1	2012-07-03 Chong Yidong <cyd@gnu.org>
		2
		3	* automated/xml-parse-tests.el (xml-parse-tests--bad-data): New.
		4
1	2012-07-02 Chong Yidong <cyd@gnu.org>	5	2012-07-02 Chong Yidong <cyd@gnu.org>
2		6
3	* automated/xml-parse-tests.el (xml-parse-tests--data): More	7	* automated/xml-parse-tests.el (xml-parse-tests--data): More


diff --git a/test/automated/xml-parse-tests.el b/test/automated/xml-parse-tests.el index ec3d7ca3065..ada9bbd4074 100644 --- a/test/automated/xml-parse-tests.el +++ b/test/automated/xml-parse-tests.el
@@ -55,14 +55,29 @@
55	("<foo>&amp;</foo>" . ((foo () "&"))))	55	("<foo>&amp;</foo>" . ((foo () "&"))))
56	"Alist of XML strings and their expected parse trees.")	56	"Alist of XML strings and their expected parse trees.")
57		57
		58	(defvar xml-parse-tests--bad-data
		59	'(;; XML bomb in content
		60	"<!DOCTYPE foo [<!ENTITY lol \"lol\"><!ENTITY lol1 \"&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;\"><!ENTITY lol2 \"&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;\">]><foo>&lol2;</foo>"
		61	;; XML bomb in attribute value
		62	"<!DOCTYPE foo [<!ENTITY lol \"lol\"><!ENTITY lol1 \"&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;\"><!ENTITY lol2 \"&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;\">]><foo a=\"&lol2;\">!</foo>"
		63	;; Non-terminating DTD
		64	"<!DOCTYPE foo [ <!ENTITY b \"B\"><!ENTITY abc \"a&b;c\">"
		65	"<!DOCTYPE foo [ <!ENTITY b \"B\"><!ENTITY abc \"a&b;c\">asdf"
		66	"<!DOCTYPE foo [ <!ENTITY b \"B\"><!ENTITY abc \"a&b;c\">asdf&abc;")
		67	"List of XML strings that should signal an error in the parser")
		68
58	(ert-deftest xml-parse-tests ()	69	(ert-deftest xml-parse-tests ()
59	"Test XML parsing."	70	"Test XML parsing."
60	(with-temp-buffer	71	(with-temp-buffer
61	(dolist (test xml-parse-tests--data)	72	(dolist (test xml-parse-tests--data)
62	(erase-buffer)	73	(erase-buffer)
63	(insert (car test))	74	(insert (car test))
64	(should (equal (cdr test)	75	(should (equal (cdr test) (xml-parse-region))))
65	(xml-parse-region (point-min) (point-max)))))))	76	(let ((xml-entity-expansion-limit 50))
		77	(dolist (test xml-parse-tests--bad-data)
		78	(erase-buffer)
		79	(insert test)
		80	(should-error (xml-parse-region))))))
66		81
67	;; Local Variables:	82	;; Local Variables:
68	;; no-byte-compile: t	83	;; no-byte-compile: t