authorJaime Pérez <jaime.perez@uninett.no>2016-07-28 17:14:46 +0200
committerJaime Pérez <jaime.perez@uninett.no>2016-07-28 17:14:46 +0200
commit6d215c0b4ebce4957e4541f2cb6cb0bcb154a438 (patch)
tree59b9324f69072a8575c30a1b2fffbbef8f74ac1f
parentf261dfc1463ce867838b947f763470c61774e385 (diff)
Use serializable AttributeValue objects instead of manually dumping the XML contents.
This way, we avoid completely any possible XXE attack, and simplify the code as we don't need to deal directly with the DOM. The entire AttributeValue will be saved to the backend as XML, and then recovered back when unserializing.
-rw-r--r--lib/SimpleSAML/Session.php22
1 files changed, 6 insertions, 16 deletions
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index 91d65b2..bdc84fd 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -225,11 +225,9 @@ class SimpleSAML_Session implements Serializable
}
foreach ($parameters['RawAttributes'] as $attribute => $values) {
- foreach ($values as $idx => $value) {
- // this should be originally a DOMNodeList
- $dom = new \DOMDocument();
- $dom->loadXML($value);
- $this->authData[$authority]['Attributes'][$attribute][$idx] = $dom->childNodes;
+ foreach ($values as $idx => $value) { // this should be originally a DOMNodeList
+ /* @var \SAML2\XML\saml\AttributeValue $value */
+ $this->authData[$authority]['Attributes'][$attribute][$idx] = $value->element->childNodes;
}
}
}
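Review bot: The new assignment `$this->authData[$authority]['Attributes'][$attribute][$idx] = $value->element->childNodes;` dereferences `$value` without checking its type, yet `$parameters['RawAttributes']` comes from the serialized session and sessions written by the previous version of this method stored each value as an XML string, not an AttributeValue object. On such a session `$value->element` is a property read on a string, which (as far as I can tell) produces a notice and null, so the attribute value is silently dropped instead of the session being rejected. A guard before the assignment, `if (!($value instanceof \SAML2\XML\saml\AttributeValue)) { continue; }` (or a throw that invalidates the session), would make the upgrade path fail loudly; the `/* @var */` annotation documents the assumption but does not enforce it. Note also that the XXE protection the commit message claims now rests on how AttributeValue::unserialize builds its DOM, which is not visible in this hunk. The enclosing unserialize() method begins outside the hunk.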
@@ -626,17 +624,9 @@ class SimpleSAML_Session implements Serializable
continue;
}
- // ... and we have at least one DOMElement in there, so we dump back to XML to be able to serialize
- $original = $value->item(0)->ownerDocument;
- $new = new DOMDocument($original->version, $original->encoding);
- $n = $value->length;
- for ($i = 0; $i < $n; $i++) {
- $new->appendChild($new->importNode($value->item($i), true));
- }
- $new->saveXML();
-
- // save the XML representation to 'RawAttributes', using the same attribute name and index
- $data['RawAttributes'][$attribute][$idx] = $new->saveXML();
+ // create an AttributeValue object and save it to 'RawAttributes', using same attribute name and index
+ $attrval = new \SAML2\XML\saml\AttributeValue($value->item(0)->parentNode);
+ $data['RawAttributes'][$attribute][$idx] = $attrval;
}
}
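Review bot: `new \SAML2\XML\saml\AttributeValue($value->item(0)->parentNode)` assumes the first node of the list is still attached to its original saml:AttributeValue element, but nothing in the hunk checks that; a node list taken from a DOMDocument's `childNodes` (which is what the old unserialize path stored) has the document itself as `parentNode`, and a detached node has none. Whether the AttributeValue constructor rejects a non-element argument is not visible here, so it is safer to capture and check the parent before constructing: `$parent = $value->item(0)->parentNode; if (!($parent instanceof \DOMElement)) { continue; }`. The checks on `$value` that precede this (the `continue` at the top of the hunk) and the enclosing serialize() method both start outside the visible lines, so the skipped-value semantics should be confirmed against them.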