Skip to content

bugzilla
bugzilla
Commit d5c47c9a authored by Byron Jones's avatar Byron Jones
Browse files
Options

Bug 1031035: xmlrpc can be DoS'd with billion laughs attack

r=LpSolit,a=glob
parent b09ffb65
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 1 deletion
Bugzilla/WebService/Server/XMLRPC.pm
View file @ d5c47c9a
...@@ -135,7 +135,8 @@ sub new { ...@@ -135,7 +135,8 @@ sub new {
my $self = shift->SUPER::new(@_); my $self = shift->SUPER::new(@_);
# Initialise XML::Parser to not expand references to entities, to prevent DoS # Initialise XML::Parser to not expand references to entities, to prevent DoS
require XML::Parser; require XML::Parser;
$self->{_parser}->parser(parser => XML::Parser->new( NoExpand => 1, Handlers => { Default => sub {} } )); my $parser = XML::Parser->new( NoExpand => 1, Handlers => { Default => sub {} } );
$self->{_parser}->parser($parser, $parser);
return $self; return $self;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment