apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-09 19:45:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

new capacity bits (#67)

Browse source
This commit is contained in:
Eli Peter 2026-05-07 01:29:31 -04:00 committed by GitHub
parent afaffc0df6
commit 7d0e7320e2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
261 changed files with 10591 additions and 231 deletions
Download patch file Download diff file Expand all files Collapse all files

23
tests/fixtures/xxe/java/SafeXxeConfig.java vendored Normal file
View file

@ -0,0 +1,23 @@
// Safe: tainted XML routed through a hardened DocumentBuilder. The
// factory is configured with `FEATURE_SECURE_PROCESSING = true` before
// the builder is produced, and the produced builder inherits that
// hardening fact via the SSA xml-parser-config pass. The downstream
// `builder.parse(...)` sink call therefore sees a secure receiver and
// the XXE bit is suppressed.
import javax.servlet.http.HttpServletRequest;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import java.io.ByteArrayInputStream;
public class SafeXxeConfig {
public Document handle(HttpServletRequest req) throws Exception {
String body = req.getParameter("xml");
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
DocumentBuilder builder = factory.newDocumentBuilder();
return builder.parse(new ByteArrayInputStream(body.getBytes()));
}
}