OpenStack Compute (nova)

  1. Bug #1100282
  2. Comment #78

Comment 78 for bug 1100282

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (master)

Reviewed: https://review.openstack.org/22309
Committed: http://github.com/openstack/nova/commit/59933249054bf71ec963585198583fe78050c9d6
Submitter: Jenkins
Branch: master

commit 59933249054bf71ec963585198583fe78050c9d6
Author: Dan Prince <email address hidden>
Date: Fri Feb 1 17:04:27 2013 -0500

    Add a safe_minidom_parse_string function.

    Adds a new utils.safe_minidom_parse_string function and
    updates external API facing Nova modules to use it.
    This ensures we have safe defaults on our incoming API XML parsing.

    Internally safe_minidom_parse_string uses a ProtectedExpatParser
    class to disable DTDs and entities from being parsed when using
    minidom.

    Fixes LP Bug #1100282.

    Change-Id: Ib90d6379320ff1d007f8a661f7ddaa286ba6918e