diff options
| author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 13:55:49 +0200 |
|---|---|---|
| committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-10-04 13:55:49 +0200 |
| commit | c94a473e7580ec49ae46c3f9fc229f1d424b2413 (patch) | |
| tree | 03f729b9efc4aa442f130a8152857278ab31e8ee | |
| parent | 8ecc37bafc86fdf954ea5606b87f04a7bae54570 (diff) | |
fix php-fpm issues
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | articleenhancer/xpatharticleenhancer.php | 15 |
3 files changed, 9 insertions, 9 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 3c5cf2f62..42baf1e70 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,6 @@ owncloud-news (3.301) * **New dependency**: ownCloud >= 7.0.3 +* **Security**: Fix possible [XEE](https://www.owasp.org/index.php/XML_External_Entity_(XXE)_Processing) due to race conditions on php systems using **php-fpm** * **Bugfix**: Fix issue that prevented going below 1 unread count in the window title * **Enhancement**: Show a button to refresh the page instead of reloading the route for pull to refresh @@ -21,7 +21,6 @@ are listed on the [ownCloud apps overview](https://github.com/owncloud/core/wiki * PHP >= 5.4 * libxml >= 2.7.8 (2.9 recommended) * php-curl -* **NO PHP-FPM (FastCGI Process Manager)** ## Supported Browsers * Firefox (Desktop, Android, Firefox OS) @@ -32,7 +31,6 @@ are listed on the [ownCloud apps overview](https://github.com/owncloud/core/wiki * SQLite * MySql - ## Bugs ### Before reporting bugs diff --git a/articleenhancer/xpatharticleenhancer.php b/articleenhancer/xpatharticleenhancer.php index 3edaad695..c80e0c92d 100644 --- a/articleenhancer/xpatharticleenhancer.php +++ b/articleenhancer/xpatharticleenhancer.php @@ -70,9 +70,9 @@ class XPathArticleEnhancer implements ArticleEnhancer { $dom = new \DOMDocument(); - $loadEntities = libxml_disable_entity_loader(true); - @$dom->loadHTML($body); - libxml_disable_entity_loader($loadEntities); + Security::scan($body, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_NONET); + }); $xpath = new \DOMXpath($dom); $xpathResult = $xpath->evaluate($search); @@ -136,12 +136,13 @@ class XPathArticleEnhancer implements ArticleEnhancer { $dom->preserveWhiteSpace = false; // return, if xml is empty or loading the HTML fails - $loadEntities = libxml_disable_entity_loader(true); - if( trim($xmlString) == "" || !@$dom->loadHTML($xmlString) ) { - libxml_disable_entity_loader($loadEntities); + $isLoaded = Security::scan($xmlString, $dom, function ($xml, $dom) { + return @$dom->loadHTML($xml, LIBXML_NONET); + }); + + if( trim($xmlString) == "" || !$isLoaded ) { return $xmlString; } - libxml_disable_entity_loader($loadEntities); // remove <!DOCTYPE $dom->removeChild($dom->firstChild); |