mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-04 22:40:29 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

use defusedxml to avoid DoS attacks while loading XML

Browse source
This commit is contained in:
Hans-Christoph Steiner 2018-08-29 17:27:04 +02:00
parent cc94ebca30
commit 4d13a904f3
4 changed files with 10 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tests/common.TestCase
View file

@ -681,6 +681,12 @@ class CommonTest(unittest.TestCase):
sig = fdroidserver.common.metadata_find_developer_signature('org.smssecure.smssecure')
self.assertEqual('b30bb971af0d134866e158ec748fcd553df97c150f58b0a963190bbafbeb0868', sig)
def test_parse_xml(self):
manifest = os.path.join('source-files', 'fdroid', 'fdroidclient', 'AndroidManifest.xml')
parsed = fdroidserver.common.parse_xml(manifest)
self.assertIsNotNone(parsed)
self.assertEqual(str(type(parsed)), "<class 'xml.etree.ElementTree.Element'>")
def test_parse_androidmanifests(self):
app = fdroidserver.metadata.App()
app.id = 'org.fdroid.fdroid'