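--- a/cpp/ql/test/query-tests/Security/CWE/CWE-611
+++ b/cpp/ql/test/query-tests/Security/CWE/CWE-611
@@ -76,3 +76,28 @@ void test5_6() {
 g_p1->parse (*g_data); // GOOD
 g_p2->parse (*g_data); // BAD (parser not correctly configured) [NOT DETECTED]
 }
+
+void test5_7 (DOMImplementationLS *impl, InputSource &data) {
+DOMLSParser *p = impl->createLSParser ();
+
+p->parse (data); // BAD (parser not correctly configured) [NOT DETECTED]
+
+p->getDomConfig ()->setParameter (XMLUni::fgXercesDisableDefaultEntityResolution, true );
+p->parse (data); // GOOD
+
+p->getDomConfig ()->setParameter (XMLUni::fgXercesDisableDefaultEntityResolution, false );
+p->parse (data); // BAD (parser not correctly configured) [NOT DETECTED]
+}
+
+void test5_8 (DOMImplementationLS *impl, InputSource &data) {
+DOMLSParser *p = impl->createLSParser ();
+DOMConfiguration *cfg = p->getDomConfig ();
+
+p->parse (data); // BAD (parser not correctly configured) [NOT DETECTED]
+
+cfg->setParameter (XMLUni::fgXercesDisableDefaultEntityResolution, true );
+p->parse (data); // GOOD
+
+cfg->setParameter (XMLUni::fgXercesDisableDefaultEntityResolution, false );
+p->parse (data); // BAD (parser not correctly configured) [NOT DETECTED]
+}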
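Review bot: Both test5_7 and test5_8 drive a single `DOMLSParser`, so neither would expose a query that tracks `fgXercesDisableDefaultEntityResolution` per `DOMImplementationLS` (or per type) instead of per parser object. Once the `[NOT DETECTED]` cases are picked up, that over-approximation would let an unhardened parser pass as GOOD, which is a false negative for CWE-611; whether the eventual query would do this cannot be told from this hunk. I would add a case with two parsers created from the same `impl`, where only one is hardened and the other parses the input, as sketched below. The third `parse` in each function also runs after default entity resolution was explicitly switched back on, so a comment such as `// BAD (default entity resolution re-enabled) [NOT DETECTED]` would describe it more precisely than "not correctly configured".

```cpp
void test5_9 (DOMImplementationLS *impl, InputSource &data) {
	DOMLSParser *p1 = impl->createLSParser ();
	DOMLSParser *p2 = impl->createLSParser ();

	// Only p1 is hardened; p2 keeps the default configuration.
	p1->getDomConfig ()->setParameter (XMLUni::fgXercesDisableDefaultEntityResolution, true);
	p1->parse (data); // GOOD
	p2->parse (data); // BAD (parser not correctly configured) [NOT DETECTED]
}
```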