The XML_PARSE_NOENT flag to libxml will cause it to expand all entities in the input XML document when parsing. Doing this is bad practice if the XML input file comes from an untrusted source, because it can cause the XML parser to load arbitrary files that are readable by the user running XML parsing. This does not have any security consequences given the scenario in which osinfo-db-validate is run, since the intended usage is to validate files that are written by the local user, or by the upstream libosinfo maintainers.
In the future though, libosinfo might be able to dynamically download data from the website to refresh its local database, so it is wise to avoid entity expansion as a hardening step. Signed-off-by: Daniel P. Berrange <berra...@redhat.com> --- tools/osinfo-db-validate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/osinfo-db-validate.c b/tools/osinfo-db-validate.c index d8c3af9..530b8a1 100644 --- a/tools/osinfo-db-validate.c +++ b/tools/osinfo-db-validate.c @@ -64,7 +64,7 @@ static xmlDocPtr parse_file(GFile *file, GError **error) } if (!(doc = xmlCtxtReadDoc(pctxt, (const xmlChar*)data, uri, NULL, - XML_PARSE_NOENT | XML_PARSE_NONET | + XML_PARSE_NONET | XML_PARSE_NOWARNING))) { g_set_error(error, OSINFO_DB_ERROR, 0, _("Unable to parse XML document '%s'"), -- 2.13.6 _______________________________________________ Libosinfo mailing list Libosinfo@redhat.com https://www.redhat.com/mailman/listinfo/libosinfo
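Review bot: dropping XML_PARSE_NOENT in the xmlCtxtReadDoc call also changes how libxml2 represents entity references in a file that does use entities, including internal ones declared in the document's own DTD: the reference is kept as an entity-reference node instead of being substituted as text, so any later step of osinfo-db-validate that inspects text content should be checked against an input that declares an entity, or the commit message should state that entities are not supported in database files. The hardening itself is sound: the local-file read described in the commit message only happens under XML_PARSE_NOENT, and the retained XML_PARSE_NONET only blocks network fetches, so it was never a defence against reading local files.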
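As an added example, not libosinfo's code, the file-read behaviour the commit message describes can be reproduced with Python's standard-library xml.sax (expat) parser standing in for libxml2: its feature_external_ges flag plays the role of XML_PARSE_NOENT, and there is no counterpart to XML_PARSE_NONET in this stand-in, so the flag is the whole guard. The example writes a constructed secret file into a temporary directory, builds a document whose DOCTYPE declares an external SYSTEM entity pointing at that file, and parses it once with expansion off and once with it on. The element and entity names, the secret file and its "s3cr3t-token" content are all constructed for the example.

```python
"""Added example: why a parser must not expand external entities on
untrusted input.  Python's stdlib xml.sax (expat) parser stands in for
libxml2; its feature_external_ges flag plays the role of XML_PARSE_NOENT.
Not part of libosinfo."""
import io
import os
import pathlib
import tempfile
import xml.sax
from xml.sax.handler import ContentHandler, feature_external_ges


class TextCollector(ContentHandler):
    """Accumulate every chunk of character data the parser reports."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)

    def text(self):
        return "".join(self.parts)


def parse_text(xml_bytes, expand_external_entities):
    """Parse xml_bytes and return the concatenated text of the document.

    expand_external_entities=True mirrors XML_PARSE_NOENT: a general
    entity declared as <!ENTITY x SYSTEM "..."> is fetched (stdlib uses
    urllib, so file:// and http:// targets are both reachable) and its
    contents substituted at the &x; reference.  With False the parser
    still sees the reference but never reads the target, which is the
    setting the osinfo-db-validate patch switches to.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, expand_external_entities)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return collector.text()


def xxe_payload(target_uri):
    """Build the classic external-entity document pointing at target_uri.
    Element and entity names are constructed for this example."""
    return (
        '<?xml version="1.0"?>\n'
        '<!DOCTYPE os [ <!ENTITY xxe SYSTEM "%s"> ]>\n'
        '<os>&xxe;</os>\n' % target_uri
    ).encode("utf-8")


def demo():
    """Return (text with expansion off, text with expansion on) for a
    payload that references a constructed secret file."""
    with tempfile.TemporaryDirectory() as tmp:
        secret_path = os.path.join(tmp, "secret.txt")
        with open(secret_path, "w", encoding="utf-8") as fh:
            fh.write("s3cr3t-token")          # constructed secret, not real data
        payload = xxe_payload(pathlib.Path(secret_path).as_uri())
        hardened = parse_text(payload, expand_external_entities=False)
        expanded = parse_text(payload, expand_external_entities=True)
    return hardened, expanded


if __name__ == "__main__":
    off, on = demo()
    print("expansion off:", repr(off))   # ''
    print("expansion on: ", repr(on))    # 's3cr3t-token'
```

With expansion off the document's text is empty: the parser resolves the reference to a declared entity but never opens the target, exactly what dropping XML_PARSE_NOENT achieves for libxml2. With expansion on, the secret file's contents appear as ordinary character data, and in a validator that reports or echoes text this is the leak the commit message warns about. Predefined entities such as &amp; and internal entities declared in the DTD are still expanded by expat in both modes, which is the same kind of behavioural difference a libxml2 caller should re-check after removing the flag.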