parser: Implement XML_PARSE_NO_UNZIP option

2025-03-28 21:33:13 +00:00 · 2024-06-11 00:00:32 +02:00 · 2024-06-11 00:00:32 +02:00 · ff3b091910
commit ff3b091910
parent 1432949d3c
5 changed files with 23 additions and 5 deletions
--- a/include/libxml/parser.h
+++ b/include/libxml/parser.h
@ -1243,7 +1243,10 @@ typedef enum {
    XML_PARSE_OLDSAX    = 1<<20,/* parse using SAX2 interface before 2.7.0 */
    XML_PARSE_IGNORE_ENC= 1<<21,/* ignore internal document encoding hint */
    XML_PARSE_BIG_LINES = 1<<22,/* Store big lines numbers in text PSVI field */
-    XML_PARSE_NO_XXE    = 1<<23 /* disable loading of external content */
+    /* since 2.13.0 */
+    XML_PARSE_NO_XXE    = 1<<23,/* disable loading of external content */
+    /* since 2.14.0 */
+    XML_PARSE_NO_UNZIP  = 1<<24 /* disable compressed content */
 } xmlParserOption;

 XMLPUBFUN void
--- a/include/private/parser.h
+++ b/include/private/parser.h
@ -90,6 +90,7 @@ xmlParserNsLookupSax(xmlParserCtxtPtr ctxt, const xmlChar *prefix);

 #define XML_INPUT_BUF_STATIC		(1u << 1)
 #define XML_INPUT_BUF_ZERO_TERMINATED	(1u << 2)
+#define XML_INPUT_UNZIP                 (1u << 3)

 XML_HIDDEN xmlParserInputPtr
 xmlNewInputURL(xmlParserCtxtPtr ctxt, const char *url, const char *publicId,
--- a/parser.c
+++ b/parser.c
@ -13578,6 +13578,13 @@ xmlCtxtSetOptionsInternal(xmlParserCtxtPtr ctxt, int options, int keepMask)
 *
 * Enable reporting of line numbers larger than 65535.
 *
+ * XML_PARSE_NO_UNZIP
+ *
+ * Disables input decompression. Setting this option is recommended
+ * to avoid zip bombs.
+ *
+ * Available since 2.14.0.
+ *
 * Returns 0 in case of success, the set of unknown or unimplemented options
 *         in case of error.
 */
--- a/parserInternals.c
+++ b/parserInternals.c
@ -2050,8 +2050,12 @@ xmlNewInputFromFile(xmlParserCtxtPtr ctxt, const char *filename) {
        if (buf == NULL)
            code = XML_IO_ENOENT;
    } else {
+        int flags = 0;
+
+        if ((ctxt->options & XML_PARSE_NO_UNZIP) == 0)
+            flags |= XML_INPUT_UNZIP;
        code = xmlParserInputBufferCreateUrl(filename, XML_CHAR_ENCODING_NONE,
-                                             0, &buf);
+                                             flags, &buf);
    }
    if (code != XML_ERR_OK) {
        xmlCtxtErrIO(ctxt, code, filename);
--- a/xmlIO.c
+++ b/xmlIO.c
@ -1106,10 +1106,13 @@ xmlIODefaultMatch(const char *filename ATTRIBUTE_UNUSED) {
 */
 static int
 xmlInputDefaultOpen(xmlParserInputBufferPtr buf, const char *filename,
-                    int flags ATTRIBUTE_UNUSED) {
+                    int flags) {
    int ret;
    int fd;

+    /* Avoid unused variable warning */
+    (void) flags;
+
 #ifdef LIBXML_FTP_ENABLED
    if (xmlIOFTPMatch(filename)) {
        buf->context = xmlIOFTPOpen(filename);
@ -1138,7 +1141,7 @@ xmlInputDefaultOpen(xmlParserInputBufferPtr buf, const char *filename,
        return(XML_IO_ENOENT);

 #ifdef LIBXML_LZMA_ENABLED
-    {
+    if (flags & XML_INPUT_UNZIP) {
        xzFile xzStream;

        ret = xmlFdOpen(filename, 0, &fd);
@ -1165,7 +1168,7 @@ xmlInputDefaultOpen(xmlParserInputBufferPtr buf, const char *filename,
 #endif /* LIBXML_LZMA_ENABLED */

 #ifdef LIBXML_ZLIB_ENABLED
-    {
+    if (flags & XML_INPUT_UNZIP) {
        gzFile gzStream;

        ret = xmlFdOpen(filename, 0, &fd);