packages/apache-poi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
apache-poi/Adjust-handling-of-SchemaFactory.patch
hht8 bf80364a70 Fix CVE-2019-12415
2020-12-02 09:44:19 +08:00

62 lines
2.8 KiB
Diff
Raw Blame History

From 06f28db213744590c98feed69bda7d5f5c011b38 Mon Sep 17 00:00:00 2001
From: PJ Fanning <fanningpj@apache.org>
Date: Tue, 24 Sep 2019 18:33:37 +0000
Subject: [PATCH] Bug 63768: Adjust handling of SchemaFactory
git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1867484 13f79535-47bb-0310-9956-ffa450edef68
---
.../poi/xssf/extractor/XSSFExportToXml.java | 16 +-
.../xssf/extractor/TestXSSFExportToXML.java | 532 +++++++++---------
test-data/spreadsheet/xxe_in_schema.xlsx | Bin 0 -> 9801 bytes
3 files changed, 286 insertions(+), 262 deletions(-)
create mode 100644 test-data/spreadsheet/xxe_in_schema.xlsx
diff --git a/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExportToXml.java b/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExportToXml.java
index 9320a226db..53984fec28 100644
--- a/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExportToXml.java
+++ b/src/ooxml/java/org/apache/poi/xssf/extractor/XSSFExportToXml.java
@@ -28,6 +28,7 @@ Licensed to the Apache Software Foundation (ASF) under one or more
import java.util.Map;
import java.util.Vector;
+import javax.xml.XMLConstants;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Source;
import javax.xml.transform.Transformer;
@@ -241,9 +242,10 @@ public void exportToXML(OutputStream os, String encoding, boolean validate) thro
* @throws SAXException If validating the document fails
*/
private boolean isValid(Document xml) throws SAXException{
- try{
+ try {
String language = "http://www.w3.org/2001/XMLSchema";
SchemaFactory factory = SchemaFactory.newInstance(language);
+ trySetFeature(factory, XMLConstants.FEATURE_SECURE_PROCESSING, true);
Source source = new DOMSource(map.getSchema());
Schema schema = factory.newSchema(source);
@@ -313,7 +315,7 @@ private Node getNodeByXPath(String xpath,Node rootNode,Document doc,boolean crea
String[] xpathTokens = xpath.split("/");
- Node currentNode =rootNode;
+ Node currentNode = rootNode;
// The first token is empty, the second is the root node
for(int i =2; i<xpathTokens.length;i++) {
@@ -535,4 +537,14 @@ private Node getComplexTypeNodeFromSchemaChildren(Node xmlSchema, Node complexTy
}
return complexTypeNode;
}
+
+ private static void trySetFeature(SchemaFactory sf, String feature, boolean enabled) {
+ try {
+ sf.setFeature(feature, enabled);
+ } catch (Exception e) {
+ LOG.log(POILogger.WARN, "SchemaFactory Feature unsupported", feature, e);
+ } catch (AbstractMethodError ame) {
+ LOG.log(POILogger.WARN, "Cannot set SchemaFactory feature because outdated XML parser in classpath", feature, ame);
+ }
+ }
}
Reference in New Issue View Git Blame Copy Permalink