Merge branch 'master' of git://github.com/zendframework/zf2

zendframework · Aug 20, 2012 · 4281c0c · 4281c0c
commit 4281c0c
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 1 deletion.
diff --git a/src/Request.php b/src/Request.php
@@ -285,7 +285,17 @@ public function loadXml($request)
         // @see ZF-12293 - disable external entities for security purposes
         $loadEntities = libxml_disable_entity_loader(true);
         try {
-            $xml = new \SimpleXMLElement($request);
+            $dom = new \DOMDocument;
+            $dom->loadXML($request);
+            foreach ($dom->childNodes as $child) {
+                if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
+                    throw new Exception\ValueException(
+                        'Invalid XML: Detected use of illegal DOCTYPE'
+                    );
+                }
+            }
+            $xml = simplexml_import_dom($dom);
+            //$xml = new \SimpleXMLElement($request);
             libxml_disable_entity_loader($loadEntities);
         } catch (\Exception $e) {
             // Not valid XML

diff --git a/src/Response.php b/src/Response.php
@@ -158,6 +158,17 @@ public function loadXml($response)
         $loadEntities         = libxml_disable_entity_loader(true);
         $useInternalXmlErrors = libxml_use_internal_errors(true);
         try {
+            $dom = new \DOMDocument;
+            $dom->loadXML($response);
+            foreach ($dom->childNodes as $child) {
+                if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
+                    throw new Exception\ValueException(
+                        'Invalid XML: Detected use of illegal DOCTYPE'
+                    );
+                }
+            }
+            // TODO: Locate why this passes tests but a simplexml import doesn't
+            //$xml = simplexml_import_dom($dom);
             $xml = new \SimpleXMLElement($response);
             libxml_disable_entity_loader($loadEntities);
             libxml_use_internal_errors($useInternalXmlErrors);

diff --git a/test/RequestTest.php b/test/RequestTest.php
@@ -322,6 +322,9 @@ public function testSetGetEncoding()
 
     /**
      * @group ZF-12293
+     *
+     * Test should remain, but is defunct since DOCTYPE presence should return FALSE
+     * from loadXml()
      */
     public function testDoesNotAllowExternalEntities()
     {
@@ -334,4 +337,11 @@ public function testDoesNotAllowExternalEntities()
             $this->assertNotContains('Local file inclusion', $method);
         }
     }
+
+    public function testShouldDisallowsDoctypeInRequestXmlAndReturnFalseOnLoading()
+    {
+        $payload = file_get_contents(dirname(__FILE__) . '/_files/ZF12293-request.xml');
+        $payload = sprintf($payload, 'file://' . realpath(dirname(__FILE__) . '/_files/ZF12293-payload.txt'));
+        $this->assertFalse($this->_request->loadXml($payload));
+    }
 }
diff --git a/test/ResponseTest.php b/test/ResponseTest.php
@@ -259,4 +259,11 @@ public function testDoesNotAllowExternalEntities()
             $this->assertNotContains('Local file inclusion', $value);
         }
     }
+
+    public function testShouldDisallowsDoctypeInRequestXmlAndReturnFalseOnLoading()
+    {
+        $payload = file_get_contents(dirname(__FILE__) . '/_files/ZF12293-response.xml');
+        $payload = sprintf($payload, 'file://' . realpath(dirname(__FILE__) . '/_files/ZF12293-payload.txt'));
+        $this->assertFalse($this->_response->loadXml($payload));
+    }
 }