fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-02 08:42:15 +09:00
Code Issues Projects Releases Packages Wiki Activity

fix #1227 SECISSUE

Browse source 
- XXE 취약점 문제 해결
- Drupal의 소스코드를 참고하여 `Security::detectingXEE()` 추가
  - 90e884ad0f
- blogapi 애드온 및 `Context::_setXmlRpcArgument()`에서 취약점 방어
- 제보 : 한국인터넷진흥원
This commit is contained in:
bnu 2015-02-04 13:49:21 +09:00
parent 14ffdbe5f0
commit a33a4b3081
3 changed files with 68 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

13
addons/blogapi/blogapi.addon.php
View file

@ -30,8 +30,10 @@ if($_REQUEST['act'] != 'api')
// Read func file
require_once(_XE_PATH_ . 'addons/blogapi/blogapi.func.php');
$xml = $GLOBALS['HTTP_RAW_POST_DATA'];
// If HTTP_RAW_POST_DATA is NULL, Print error message
if(!$GLOBALS['HTTP_RAW_POST_DATA'])
if(!$xml)
{
$content = getXmlRpcFailure(1, 'Invalid Method Call');
printContent($content);
@ -39,7 +41,14 @@ if(!$GLOBALS['HTTP_RAW_POST_DATA'])
// xmlprc parsing
// Parse the requested xmlrpc
$xml = new SimpleXMLElement($GLOBALS['HTTP_RAW_POST_DATA']);
if(Security::detectingXEE($xml))
{
header("HTTP/1.0 400 Bad Request");
exit;
}
if(version_compare(PHP_VERSION, '5.2.11', '<=')) libxml_disable_entity_loader(true);
$xml = new SimpleXMLElement($xml, LIBXML_NONET | LIBXML_NOENT);
$method_name = (string)$xml->methodName;
$params = $xml->params->param;