
Close #1087. Fix JRuby memory exhaustion vulnerability

Thanks to Michal Ochman for fixing this.
1 parent 492ee64 commit a098ddfc9990ea79dbc191407d3e83611e5ff1e6 @ocher ocher committed with jvshahid Apr 30, 2014
Showing with 17 additions and 3 deletions.
  1. +6 −0 CHANGELOG.rdoc
  2. +5 −3 ext/java/nokogiri/internals/NokogiriNonStrictErrorHandler.java
  3. +6 −0 test/xml/test_document.rb
6 CHANGELOG.rdoc
@@ -1,3 +1,9 @@
+=== 1.6.2.2 / unreleased
+
+==== Bug fixes
+
+* Fix JRuby memory exhaustion vulnerability. #1087 (Thanks, @ocher)
+
=== 1.6.2.1 / 2014-05-13
==== Bug fixes
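Review bot: The new entry under 1.6.2.2, "Fix JRuby memory exhaustion vulnerability", does not say what input triggers the problem, so a reader of the changelog cannot judge whether they are exposed. Suggest naming the condition the rest of this commit addresses, for example that parsing a document with malformed markup following the root element could exhaust memory on JRuby, while keeping the #1087 reference.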
8 ext/java/nokogiri/internals/NokogiriNonStrictErrorHandler.java
@@ -90,9 +90,11 @@ public void warning(String domain, String key, XMLParseException e) {
* the parsing to stop, or an error that can be ignored.
*/
private static boolean isFatal(String msg) {
+ String msgLowerCase = msg.toLowerCase();
return
- msg.toLowerCase().contains("in prolog") ||
- msg.toLowerCase().contains("limit") ||
- msg.toLowerCase().contains("preceding the root element must be well-formed");
+ msgLowerCase.contains("in prolog") ||
+ msgLowerCase.contains("limit") ||
+ msgLowerCase.contains("preceding the root element must be well-formed") ||
+ msgLowerCase.contains("following the root element must be well-formed");
}
}
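Review bot: isFatal still decides whether parsing stops by matching substrings of the parser's error message, so any malformed-input error whose text is not on this list remains classified as ignorable; the added "following the root element must be well-formed" clause closes only that one case. The enclosing handler, warning(String domain, String key, XMLParseException e), already receives a key, so consider classifying on that instead of on message text. Separately, the added line `String msgLowerCase = msg.toLowerCase();` lowercases with the default locale; `msg.toLowerCase(Locale.ROOT)` would keep the comparison stable under locales such as Turkish, where an uppercase "I" does not lowercase to "i".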
6 test/xml/test_document.rb
@@ -625,6 +625,12 @@ def test_memory_explosion_on_invalid_xml
refute_empty doc.errors
end
+ def test_memory_explosion_on_wrong_formatted_element_following_the_root_element
+ doc = Nokogiri::XML("<a/><\n")
+ refute_nil doc
+ refute_empty doc.errors
+ end
+
def test_document_has_errors
doc = Nokogiri::XML(<<-eoxml)
<foo><bar></foo>
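Review bot: test_memory_explosion_on_wrong_formatted_element_following_the_root_element asserts only `refute_nil doc` and `refute_empty doc.errors`, so a regression of the memory explosion named in the test would likely show up as a hang or out-of-memory failure of the test run rather than a failed assertion. Suggest running the parse under a timeout, or asserting an upper bound on doc.errors.length if the errors list is what grows, so that the test fails cleanly. As a style point, "wrong_formatted" in the test name would read better as "malformed".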
