Skip to content

Commit d5c47c9

Browse files
globauglobau
committed
Bug 1031035: xmlrpc can be DoS'd with billion laughs attack
r=LpSolit,a=glob
1 parent b09ffb6 commit d5c47c9

File tree

1 file changed

+2
-1
lines changed

1 file changed

+2
-1
lines changed

Bugzilla/WebService/Server/XMLRPC.pm

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,8 @@ sub new {
135135
my $self = shift->SUPER::new(@_);
136136
# Initialise XML::Parser to not expand references to entities, to prevent DoS
137137
require XML::Parser;
138-
$self->{_parser}->parser(parser => XML::Parser->new( NoExpand => 1, Handlers => { Default => sub {} } ));
138+
my $parser = XML::Parser->new( NoExpand => 1, Handlers => { Default => sub {} } );
139+
$self->{_parser}->parser($parser, $parser);
139140
return $self;
140141
}
141142

0 commit comments

Comments
 (0)