Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable27] fix(apps): Fix loading info.xml file #39491

Merged
merged 1 commit into from Jul 20, 2023
Merged

[stable27] fix(apps): Fix loading info.xml file #39491

merged 1 commit into from Jul 20, 2023

Conversation

nickvergessen
Copy link
Member

Backport #39490

@nickvergessen
fix(apps): Fix loading info.xml file
2274977 
Ref: https://bugs.php.net/bug.php?id=62577

Signed-off-by: Joas Schilling <coding@schilljs.com>
@nickvergessen nickvergessen added the 3. to review Waiting for reviews label Jul 20, 2023
@nickvergessen nickvergessen added this to the Nextcloud 27.0.1 milestone Jul 20, 2023
@nickvergessen nickvergessen self-assigned this Jul 20, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 20, 2023
View reviewed changes
lib/private/App/InfoParser.php
@@ -63,10 +63,10 @@
libxml_use_internal_errors(true);
if ((PHP_VERSION_ID < 80000)) {
$loadEntities = libxml_disable_entity_loader(false);
$xml = simplexml_load_file($file);
$xml = simplexml_load_string(file_get_contents($file));

Check failure

Code scanning / Psalm

TaintedFile Error

Detected tainted file handling
lib/private/App/InfoParser.php
libxml_disable_entity_loader($loadEntities);
} else {
$xml = simplexml_load_file($file);
$xml = simplexml_load_string(file_get_contents($file));

Check failure

Code scanning / Psalm

TaintedFile Error

Detected tainted file handling
@blizzz blizzz added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Jul 20, 2023
@blizzz blizzz mentioned this pull request Jul 20, 2023
Merged
@blizzz blizzz merged commit feca344 into stable27 Jul 20, 2023
32 of 36 checks passed
@blizzz blizzz deleted the backport/39490/stable27 branch July 20, 2023 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcelklehr marcelklehr marcelklehr approved these changes

@come-nc come-nc come-nc approved these changes

Assignees

@nickvergessen nickvergessen

Labels
4. to release Ready to be released and/or waiting for tests to finish
Projects
None yet
Milestone
Nextcloud 27.0.1
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@nickvergessen @marcelklehr @come-nc @blizzz