diff -r 5e7a0fedabdf -r 877f952ae2bd web/lib/Zend/XmlRpc/Request.php
--- a/web/lib/Zend/XmlRpc/Request.php	Thu Mar 21 17:31:31 2013 +0100
+++ b/web/lib/Zend/XmlRpc/Request.php	Thu Mar 21 19:50:53 2013 +0100
@@ -14,7 +14,7 @@
  *
  * @category Zend
  * @package Zend_Controller
- * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  * @license http://framework.zend.com/license/new-bsd New BSD License
  */
@@ -41,9 +41,9 @@
  *
  * @category Zend
  * @package Zend_XmlRpc
- * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
+ * @copyright Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)
  * @license http://framework.zend.com/license/new-bsd New BSD License
- * @version $Id: Request.php 20208 2010-01-11 22:37:37Z lars $
+ * @version $Id: Request.php 25033 2012-08-17 19:50:08Z matthew $
  */
 class Zend_XmlRpc_Request
 {
@@ -303,12 +303,26 @@
             return false;
         }
 
+        // @see ZF-12293 - disable external entities for security purposes
+        $loadEntities = libxml_disable_entity_loader(true);
         try {
-            $xml = new SimpleXMLElement($request);
+            $dom = new DOMDocument;
+            $dom->loadXML($request);
+            foreach ($dom->childNodes as $child) {
+                if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
+                    require_once 'Zend/XmlRpc/Exception.php';
+                    throw new Zend_XmlRpc_Exception(
+                        'Invalid XML: Detected use of illegal DOCTYPE'
+                    );
+                }
+            }
+            $xml = simplexml_import_dom($dom);
+            libxml_disable_entity_loader($loadEntities);
         } catch (Exception $e) {
             // Not valid XML
             $this->_fault = new Zend_XmlRpc_Fault(631);
             $this->_fault->setEncoding($this->getEncoding());
+            libxml_disable_entity_loader($loadEntities);
             return false;
         }
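Review bot: The return value of `$dom->loadXML($request)` in the third hunk is never checked, so the `catch (Exception $e)` branch that sets fault 631 can no longer fire for malformed XML the way it did with `new SimpleXMLElement($request)`, which threw on a parse error; `DOMDocument::loadXML` instead emits a warning and returns false, leaving `$dom` empty and `simplexml_import_dom($dom)` returning something other than a usable element for the code that follows the hunk. I would turn the failure back into the exception the catch expects: `if (!$dom->loadXML($request)) { require_once 'Zend/XmlRpc/Exception.php'; throw new Zend_XmlRpc_Exception('Invalid XML'); }`, ideally with `libxml_use_internal_errors(true)` around the parse so the failure is reported through the fault rather than a PHP warning. The DOCTYPE rejection itself is the right shape, since it runs on the parsed document before any entity is dereferenced and so also covers internal entity declarations that `libxml_disable_entity_loader` does not address. The body of `loadXml()` starts and ends outside this hunk, so how the later code reacts to an empty `$xml` is inferred, not visible here.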