Bug 63793 - Fix unsecure XML Parsing
Summary: Fix unsecure XML Parsing
Status: RESOLVED FIXED
Alias: None
Product: JMeter
Classification: Unclassified
Component: Main (show other bugs)
Version: 5.1.1
Hardware: All All
: P2 normal (vote)
Target Milestone: JMETER_5.2
Assignee: JMeter issues mailing list
URL:
Keywords: FixedInTrunk
Depends on:
Blocks:
 
Reported: 2019-10-01 08:42 UTC by Philippe Mouawad
Modified: 2019-10-01 09:29 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Philippe Mouawad 2019-10-01 08:42:49 UTC
As reported by Sonar
Comment 1 Philippe Mouawad 2019-10-01 09:29:06 UTC
pmouawad pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jmeter.git

commit d467f5368f65aca65d6ebd81f3d9fb7bec4967b4
Author: pmouawad <p.mouawad@ubik-ingenierie.com>
AuthorDate: Tue Oct 1 10:45:56 2019 +0200

    Bug 63793 - Fix unsecure XML Parsing
---
 .../org/apache/jmeter/assertions/XMLAssertion.java     |  6 +++++-
 .../apache/jmeter/assertions/XMLSchemaAssertion.java   |  3 ++-
 .../org/apache/jmeter/gui/action/SchematicView.java    |  2 ++
 .../jmeter/gui/action/template/TemplateManager.java    |  2 ++
 .../main/java/org/apache/jmeter/util/XPathUtil.java    | 18 ++++++++++++------
 .../apache/jmeter/functions/XPathFileContainer.java    |  5 ++++-
 .../protocol/http/proxy/DefaultSamplerCreator.java     |  2 ++
 .../jms/sampler/render/ObjectMessageRenderer.java      |  1 +
 xdocs/changes.xml                                      | 11 +++++++++++
 9 files changed, 41 insertions(+), 9 deletions(-)
 
pmouawad pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jmeter.git

commit bccc3e05760930ab210da78feccb68f8830da6c9
Author: pmouawad <p.mouawad@ubik-ingenierie.com>
AuthorDate: Tue Oct 1 11:23:29 2019 +0200

    Add test for unsecure XML loading
---
 .../java/org/apache/jmeter/assertions/XMLAssertion.java    |  4 +---
 .../org/apache/jmeter/assertions/XmlAssertionTest.java     | 14 ++++++++++++++
 2 files changed, 15 insertions(+), 3 deletions(-)