Source

defusedexpat /

Filename Size Date modified Message
Modules26
Modules27
Modules31
Modules32
Modules33
expat
xmltestdata
203 B
138 B
821 B
2.4 KB
383 B
1.2 KB
4.8 KB
2.2 KB
5.5 KB
11.1 KB
6.2 KB

defusedexpat

defusedexpat protects the XML packages of Python's standard library from several denial of service vulnerabilities and external entity exploits. It contains

  • a modified and enhanced version of expat parser library
  • replacements for pyexpat and cElementTree's _elementtree extension modules
  • loader code that replaces built-in extensions with the modified extensions
  • monkey patches for xml.sax and xml.dom to prevent external entity expansions

In order to protect your application you have to import the defusedxml module before any of the stdlib's XML modules.

Countermeasures

  • limited entity expansion level to antagonize billion laugh attacks
  • limited total length of expansions to prevent quadratic blowups
  • monkey patch to prevent retrieval of external entities and DTDs

Modifications

Modifications in pyexpat

Parser object

New parser attributes (r/w)

  • max_entity_indirections
  • max_entity_expansions
  • reset_dtd

Module constants

  • XML_DEFAULT_MAX_ENTITY_INDIRECTIONS
  • XML_DEFAULT_MAX_ENTITY_EXPANSIONS
  • XML_BOMB_PROTECTION

Modules functions

  • get_reset_dtd(), set_reset_dtd(bool)
  • get_max_entity_expansions(), set_max_entity_expansions(int)
  • get_max_entity_indirections(), et_max_entity_indirections(int)

New CAPI members

  • capi.GetFeature
  • capi.SetFeature
  • capi.GetFeatureDefault
  • capi.SetFeatureDefault

Modifications in _elementtree

_elementtree.XMLParser

New arguments and r/o attributes

  • max_entity_indirections
  • max_entity_expansions
  • ignore_dtd

Modifications in expat

new definitions:

XML_BOMB_PROTECTION
XML_DEFAULT_MAX_ENTITY_INDIRECTIONS
XML_DEFAULT_MAX_ENTITY_EXPANSIONS
XML_DEFAULT_RESET_DTD

new XML_FeatureEnum members:

XML_FEATURE_MAX_ENTITY_INDIRECTIONS
XML_FEATURE_MAX_ENTITY_EXPANSIONS
XML_FEATURE_IGNORE_DTD

new XML_Error members:

XML_ERROR_ENTITY_INDIRECTIONS
XML_ERROR_ENTITY_EXPANSION

new API functions:

int XML_GetFeature(XML_Parser parser,
                   enum XML_FeatureEnum feature,
                   long *value);
int XML_SetFeature(XML_Parser parser,
                   enum XML_FeatureEnum feature,
                   long value);
int XML_GetFeatureDefault(enum XML_FeatureEnum feature,
                          long *value);
int XML_SetFeatureDefault(enum XML_FeatureEnum feature,
                          long value);
XML_FEATURE_MAX_ENTITY_INDIRECTIONS

Limit the amount of indirections that are allowed to occur during the expansion of a nested entity. A counter starts when an entity reference is encountered. It resets after the entity is fully expanded. The limit protects the parser against exponential entity expansion attacks (aka billion laughs attack). When the limit is exceeded the parser stops and fails with XML_ERROR_ENTITY_INDIRECTIONS. A value of 0 disables the protection.

Supported range
0 .. UINT_MAX
Default
40
XML_FEATURE_MAX_ENTITY_EXPANSIONS

Limit the total length of all entity expansions throughout the entire document. The lengths of all entities are accumulated in a parser variable. The setting protects against quadratic blowup attacks (lots of expansions of a large entity declaration). When the sum of all entities exceeds the limit, the parser stops and fails with XML_ERROR_ENTITY_EXPANSION. A value of 0 disables the protection.

Supported range
0 .. UINT_MAX
Default
8 MiB
XML_FEATURE_RESET_DTD

Reset all DTD information after the <!DOCTYPE> block has been parsed. When the flag is set (default: false) all DTD information after the endDoctypeDeclHandler has been called. The flag can be set inside the endDoctypeDeclHandler. Without DTD information any entity reference in the document body leads to XML_ERROR_UNDEFINED_ENTITY.

Supported range
0, 1
Default
0

Requirements

  • Python 2.6.6 or newer (2.6.8 or newer for randomized hashing)
  • Python 2.7 (2.7.3 or newer for randomized hashing and Windows binaries)
  • Python 3.1 (3.1.5 or newer for randomized hashing and Windows binaries)
  • Python 3.2 (3.2.3 or newer for randomized hashing and Windows binaries)
  • Python 3.3.0 or newer

Windows binaries are compatible to 2.6.6, 2.7.3, 3.1.5, 3.2.3 or 3.3.0 or newer micro releases. They don't work on older versions.

License

Copyright (c) 2013 by Christian Heimes <christian@python.org>

Licensed to PSF under a Contributor Agreement.

See http://www.python.org/psf/license for licensing details.

Contributors

Antoine Pitrou
code review
Brett Cannon
code review
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.