diff options
Diffstat (limited to 'lib/rexml')
-rw-r--r-- | lib/rexml/document.rb | 10 | ||||
-rw-r--r-- | lib/rexml/rexml.rb | 12 | ||||
-rw-r--r-- | lib/rexml/text.rb | 3 |
3 files changed, 20 insertions, 5 deletions
diff --git a/lib/rexml/document.rb b/lib/rexml/document.rb index 9daa86e6c9..76679d1c16 100644 --- a/lib/rexml/document.rb +++ b/lib/rexml/document.rb @@ -255,16 +255,18 @@ module REXML return @@entity_expansion_limit end - @@entity_expansion_text_limit = 10_240 - # Set the entity expansion limit. By default the limit is set to 10240. + # + # Deprecated. Use REXML.entity_expansion_text_limit= instead. def Document::entity_expansion_text_limit=( val ) - @@entity_expansion_text_limit = val + REXML.entity_expansion_text_limit = val end # Get the entity expansion limit. By default the limit is set to 10240. + # + # Deprecated. Use REXML.entity_expansion_text_limit instead. def Document::entity_expansion_text_limit - return @@entity_expansion_text_limit + return REXML.entity_expansion_text_limit end attr_reader :entity_expansion_count diff --git a/lib/rexml/rexml.rb b/lib/rexml/rexml.rb index f89951171a..bc59a30c64 100644 --- a/lib/rexml/rexml.rb +++ b/lib/rexml/rexml.rb @@ -28,4 +28,16 @@ module REXML Copyright = COPYRIGHT Version = VERSION + + @@entity_expansion_text_limit = 10_240 + + # Set the entity expansion limit. By default the limit is set to 10240. + def self.entity_expansion_text_limit=( val ) + @@entity_expansion_text_limit = val + end + + # Get the entity expansion limit. By default the limit is set to 10240. + def self.entity_expansion_text_limit + return @@entity_expansion_text_limit + end end diff --git a/lib/rexml/text.rb b/lib/rexml/text.rb index 878d13b8e8..7b00b0f104 100644 --- a/lib/rexml/text.rb +++ b/lib/rexml/text.rb @@ -1,3 +1,4 @@ +require 'rexml/rexml' require 'rexml/entity' require 'rexml/doctype' require 'rexml/child' @@ -383,7 +384,7 @@ module REXML sum = 0 string.gsub( /\r\n?/, "\n" ).gsub( REFERENCE ) { s = Text.expand($&, doctype, filter) - if sum + s.bytesize > Document.entity_expansion_text_limit + if sum + s.bytesize > REXML.entity_expansion_text_limit raise "entity expansion has grown too large" else sum += s.bytesize |