nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Disable loading of external XML entities when loading XML

Browse Source 
Fixes CVE-2011-4107
This commit is contained in:
Michal Čihař
2011-11-07 14:47:54 +01:00
committed by Marc Delisle
parent e3d3ef7af2
commit 5fa86b8e81
2 changed files with 33 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
libraries/import/ods.php
View File

@@ -61,6 +61,13 @@ while (! ($finished && $i >= $len) && ! $error && ! $timeout_passed) {
unset($data);
/**
* Disable loading of external XML entities.
*/
if (function_exists('libxml_disable_entity_loader')) {
libxml_disable_entity_loader();
}
/**
* Load the XML string
*

7
libraries/import/xml.php
View File

@@ -56,6 +56,13 @@ while (! ($finished && $i >= $len) && ! $error && ! $timeout_passed) {
unset($data);
/**
* Disable loading of external XML entities.
*/
if (function_exists('libxml_disable_entity_loader')) {
libxml_disable_entity_loader();
}
/**
* Load the XML string
*