authorIvan Frade <ifrade@google.com>2025-05-13 11:21:42 -0700
committerMatthias Sohn <matthias.sohn@sap.com>2025-05-22 13:55:29 +0200
commit07d00f6dfcb27f9972e3fd0cdbaa6a5724e802c5 (patch)
tree720eeae69820c88b7da8acc23e25e3e863b7b69b /org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java
parente328d203f20b8cd0a9b55678bfe3678ffd5d8179 (diff)
ManifestParser: Do not accept DOCTYPE and entities
These open the door for XXE attacks [1], and manifests do not need them. [1] https://en.wikipedia.org/wiki/XML_external_entity_attack Change-Id: Ia79971e1c34afaf287584ae4a7f71baebcb48b6a
Diffstat (limited to 'org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java')
-rw-r--r--org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java33
1 files changed, 33 insertions, 0 deletions
diff --git a/org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java b/org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java
index fca27d32aa..0949d040e9 100644
--- a/org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java
+++ b/org.eclipse.jgit.test/tst/org/eclipse/jgit/gitrepo/ManifestParserTest.java
@@ -12,12 +12,16 @@ package org.eclipse.jgit.gitrepo;
import static java.nio.charset.StandardCharsets.UTF_8;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.io.ByteArrayInputStream;
+import java.io.File;
import java.io.IOException;
import java.net.URI;
+import java.nio.file.Files;
+import java.nio.file.StandardOpenOption;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
@@ -221,4 +225,33 @@ public class ManifestParserTest {
testNormalize("", "");
testNormalize("a/b", "a/b");
}
+
+ @Test
+ public void testXXE() throws Exception {
+ File externalEntity = File.createTempFile("injected", "xml");
+ externalEntity.deleteOnExit();
+ Files.write(externalEntity.toPath(),
+ "<evil>injected xml</evil>"
+ .getBytes(UTF_8),
+ StandardOpenOption.WRITE);
+ String baseUrl = "https://git.google.com/";
+ StringBuilder xmlContent = new StringBuilder();
+ xmlContent.append("<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n")
+ .append("<!DOCTYPE booo [ <!ENTITY foobar SYSTEM \"")
+ .append(externalEntity.getPath()).append("\"> ]>\n")
+ .append("<manifest>")
+ .append("<remote name=\"remote1\" fetch=\".\" />")
+ .append("<default revision=\"master\" remote=\"remote1\" />")
+ .append("&foobar;")
+ .append("<project path=\"foo\" name=\"foo\" groups=\"a,test\" />")
+ .append("</manifest>");
+
+ IOException e = assertThrows(IOException.class,
+ () -> new ManifestParser(null, null, "master", baseUrl, null,
+ null)
+ .read(new ByteArrayInputStream(
+ xmlContent.toString().getBytes(UTF_8))));
+ assertTrue(e.getCause().getMessage().contains("DOCTYPE"));
+ }
+
}
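Review bot: The final assertion `assertTrue(e.getCause().getMessage().contains("DOCTYPE"))` will fail with a NullPointerException instead of a readable assertion if ManifestParser ever throws the IOException without a cause, and the `"DOCTYPE"` substring is the wording of the underlying XML parser's error message, so the test pins an implementation detail rather than the behaviour the commit guarantees. Guard the cause first and keep the message check as the secondary signal: `Throwable cause = e.getCause();` / `assertNotNull(cause);` / `assertTrue(cause.getMessage().contains("DOCTYPE"));` (assertNotNull needs a static import next to the assertThrows one added in the first hunk). A short comment on the test would also help the next reader understand why a temp file is created at all, e.g. `// The DOCTYPE must be rejected before any entity is resolved, so the content of this file must never be loaded.`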