artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0679236) | patch
Issue a parse error for XML files that include a DOCTYPE section.
authorclaudio <claudio@openbsd.org>
Tue, 9 Nov 2021 11:01:04 +0000 (11:01 +0000)
committerclaudio <claudio@openbsd.org>
Tue, 9 Nov 2021 11:01:04 +0000 (11:01 +0000)
commit8487774ddd2021d76b980f8f27e0cafcbd6b1b7b
tree5c591bd9a2cc9ed793fc346a83b3bab8d8a19bf3tree | snapshot
parent0679236916be423a742e5ed46b6ef94ae8f02c4bcommit | diff
Issue a parse error for XML files that include a DOCTYPE section.
DTD handling is known for various security problems and so it is best to
not even enter that mine field.
Also the RFC defines the RRDP XML schema using RELAX NG instead of DTD.

With and OK benno@ job@ tb@ beck@ deraadt@
usr.sbin/rpki-client/rrdp_delta.c diff | blob | history
usr.sbin/rpki-client/rrdp_notification.c diff | blob | history
usr.sbin/rpki-client/rrdp_snapshot.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim