summaryrefslogtreecommitdiff
path: root/test/rexml/test_entity.rb
diff options
context:
space:
mode:
Diffstat (limited to 'test/rexml/test_entity.rb')
-rw-r--r--test/rexml/test_entity.rb16
1 files changed, 16 insertions, 0 deletions
diff --git a/test/rexml/test_entity.rb b/test/rexml/test_entity.rb
index 7b9f39495f..ddb6f4565d 100644
--- a/test/rexml/test_entity.rb
+++ b/test/rexml/test_entity.rb
@@ -122,6 +122,22 @@ class EntityTester < Test::Unit::TestCase
end
end
+ def test_entity_string_limit_for_parameter_entity
+ template = '<!DOCTYPE bomb [ <!ENTITY % a "^" > <!ENTITY bomb "$" > ]><root/>'
+ len = 5120 # 5k per entity
+ template.sub!(/\^/, "B" * len)
+
+ # 10k is OK
+ entities = '%a;' * 2 # 5k entity * 2 = 10k
+ REXML::Document.new(template.sub(/\$/, entities))
+
+ # above 10k explodes
+ entities = '%a;' * 3 # 5k entity * 2 = 15k
+ assert_raises(REXML::ParseException) do
+ REXML::Document.new(template.sub(/\$/, entities))
+ end
+ end
+
def test_raw
source = '<!DOCTYPE foo [
<!ENTITY ent "replace">
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 00:56:53 +0000