Commit 16f51ef1 authored by Evan Ward's avatar Evan Ward Committed by Luc Maisonobe

Disable external XML resources for TDM files

External XML resources can be a security risk if the source of the XML document
is not trusted. Also added a test case.

Part of fixing #368
parent e46684b3
......@@ -35,6 +35,7 @@ import org.orekit.time.AbsoluteDate;
import org.orekit.time.TimeScalesFactory;
import org.orekit.utils.IERSConventions;
import org.xml.sax.Attributes;
import org.xml.sax.InputSource;
import org.xml.sax.Locator;
import org.xml.sax.SAXException;
import org.xml.sax.helpers.DefaultHandler;
......@@ -1010,6 +1011,12 @@ public class TDMParser extends DefaultHandler {
}
}
@Override
public InputSource resolveEntity(final String publicId, final String systemId) {
// disable external entities
return new InputSource();
}
/** Parse a line in an observation data block.
* @exception OrekitException if error in parsing dates or in conversion of number from String
*/
......
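Review bot: `resolveEntity` returning a bare `new InputSource()` (no stream, reader or system id) does not refuse the external resource itself; it relies on the SAX implementation failing to open an empty source, which is what the accompanying test pins via a MalformedURLException cause, so an implementation that tolerates an empty source would fetch nothing but also raise nothing, and the DTD itself is still processed. A more explicit override is `return new InputSource(new StringReader(""));` (resolves every external entity to an empty document, needs `java.io.StringReader`), and where the SAXParserFactory is created — outside this hunk — disabling the `http://xml.org/sax/features/external-general-entities` and `http://xml.org/sax/features/external-parameter-entities` features and enabling `XMLConstants.FEATURE_SECURE_PROCESSING` would reject the resource regardless of the resolver. The method also lacks Javadoc; a one-liner such as `/** Blocks resolution of external entities so untrusted TDM files cannot pull in outside resources (issue #368). */` would record why the override exists. The enclosing class continues outside the hunk.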
......@@ -23,6 +23,10 @@
<release version="9.0.1" date="2017-11-01"
description="Version 9.0.1 is a patch release of Orekit.
It fixes security issus 368.">
<action dev="evan" type="fix">
Disabled XML external resources when parsing rapid XML TDM files.
Part of issue #368.
</action>
<action dev="evan" type="fix">
Disabled XML external resources when parsing rapid XML EOP files.
Part of issue #368.
......
......@@ -18,10 +18,12 @@ package org.orekit.files.ccsds;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.List;
import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
......@@ -50,6 +52,27 @@ public class TDMParserTest {
Utils.setDataRoot("regular-data");
}
@Test
public void testParseTdmExternalResourceIssue368() throws OrekitException {
// setup
TDMParser parser = new TDMParser().withFileFormat(TDMFileFormat.XML);
String name = "/ccsds/XML/TDM-external-doctype.xml";
InputStream in = TDMParserTest.class.getResourceAsStream(name);
try {
// action
parser.parse(in, name);
// verify
Assert.fail("Expected Exception");
} catch (OrekitException e) {
// Malformed URL exception indicates external resource was disabled
// file not found exception indicates parser tried to load the resource
Assert.assertThat(e.getCause(),
CoreMatchers.instanceOf(MalformedURLException.class));
}
}
@Test
public void testParseTdmKeyValueExample2() throws OrekitException, IOException {
// Example 2 of [1]
......
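Review bot: In `testParseTdmExternalResourceIssue368` the stream from `TDMParserTest.class.getResourceAsStream(name)` is never closed, and if the fixture is missing the null stream would surface as a NullPointerException inside `parser.parse` rather than a readable failure. Opening it as `try (InputStream in = TDMParserTest.class.getResourceAsStream(name)) {` with `Assert.assertNotNull("missing resource " + name, in);` as the first statement, and adding `IOException` to the method's throws clause, closes the stream on every path and names the real problem. The comment on the catch block usefully documents that the MalformedURLException is an implementation detail of the JDK parser; it may be worth stating there that a different SAX implementation could fail differently, so the assertion is on behaviour of the bundled parser rather than a guarantee of the resolver contract.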
<?xml version="1.0"?>
<!DOCTYPE foo SYSTEM "file:./not-a-real-file.xml">
<foo>bar</foo>