martinetd
commented
1 year ago Ah, that now fails with libxml2 2.10 (message changed); I've made the 3rd test more lax...
Closed martinetd closed 1 year ago
martinetd
commented
1 year ago Ah, that now fails with libxml2 2.10 (message changed); I've made the 3rd test more lax...
shlomif
commented
1 year ago On Fri, 14 Jul 2023 06:30:02 -0700 Dominique Martinet @.***> wrote:
libxml 2.11 made improved parsing enough to not fail our test:
> Protection against entity expansion attacks, also known as "billion laughs" has been greatly improved. > Malicious files should be detected reliably now and false positives should be reduced. It is possible though that large documents which make heavy use of entities are rejected now.
Adjusts the test to have greater depth and fix exception message which changed a bit; the new exception is as follow: Entity: line 1: parser error : Maximum entity nesting depth exceeded &ha8; &ha8;
Fixes: #79 You can view, comment on, or merge this pull request online at:
https://github.com/shlomif/perl-XML-LibXML/pull/80
-- Commit Summary --
- t/35huge_mode.t: fix test with libxml2 2.11
-- File Changes --
M t/35huge_mode.t (65)-- Patch Links --
https://github.com/shlomif/perl-XML-LibXML/pull/80.patch https://github.com/shlomif/perl-XML-LibXML/pull/80.diff
thanks. i'll try2take a look/
--
Shlomi Fish https://www.shlomifish.org/ What Makes Software Apps High Quality - https://shlom.in/sw-quality
Oh! I wish you could see the look on his face! Actually, I would have also liked to see the look on his face, but just then I woke up from the dream. — https://www.shlomifish.org/humour/TheEnemy/
Please reply to list if it's a mailing list post - https://shlom.in/reply .
libxml 2.11 made improved parsing enough to not fail our test:
Adjusts the test to have greater depth and fix exception message which changed a bit; the new exception is as follow: Entity: line 1: parser error : Maximum entity nesting depth exceeded &ha8; &ha8;
Fixes: #79