Skip to content

Commit 2d6a792

Browse files
symtorsymtor
authored
add input validation for xml with no root (#470)
1 parent 5aa5021 commit 2d6a792

File tree

2 files changed

+46
-0
lines changed

2 files changed

+46
-0
lines changed

service_provider.go

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -696,6 +696,10 @@ func (sp *ServiceProvider) ParseXMLArtifactResponse(soapResponseXML []byte, poss
696696
retErr.PrivateErr = fmt.Errorf("cannot unmarshal response: %s", err)
697697
return nil, retErr
698698
}
699+
if doc.Root() == nil {
700+
retErr.PrivateErr = errors.New("invalid xml: no root")
701+
return nil, retErr
702+
}
699703
if doc.Root().NamespaceURI() != "http://schemas.xmlsoap.org/soap/envelope/" ||
700704
doc.Root().Tag != "Envelope" {
701705
retErr.PrivateErr = fmt.Errorf("expected a SOAP Envelope")
@@ -803,6 +807,10 @@ func (sp *ServiceProvider) ParseXMLResponse(decodedResponseXML []byte, possibleR
803807
retErr.PrivateErr = err
804808
return nil, retErr
805809
}
810+
if doc.Root() == nil {
811+
retErr.PrivateErr = errors.New("invalid xml: no root")
812+
return nil, retErr
813+
}
806814

807815
assertion, err := sp.parseResponse(doc.Root(), possibleRequestIDs, now, signatureRequired)
808816
if err != nil {

service_provider_test.go

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1786,6 +1786,44 @@ func TestParseBadXMLArtifactResponse(t *testing.T) {
17861786
assert.Check(t, is.Error(err.(*InvalidResponseError).PrivateErr,
17871787
"failed to decrypt EncryptedAssertion: certificate does not match provided key"))
17881788
assert.Check(t, is.Nil(assertion))
1789+
1790+
// no input
1791+
assertion, err = sp.ParseXMLArtifactResponse([]byte("<!-- no xml root -->"), possibleReqIDs, reqID)
1792+
assert.Check(t, is.Error(err.(*InvalidResponseError).PrivateErr,
1793+
"invalid xml: no root"))
1794+
assert.Check(t, is.Nil(assertion))
1795+
1796+
assertion, err = sp.ParseXMLArtifactResponse([]byte("<invalid xml"), possibleReqIDs, reqID)
1797+
assert.Check(t, is.Error(err.(*InvalidResponseError).PrivateErr,
1798+
"invalid xml: XML syntax error on line 1: unexpected EOF"))
1799+
assert.Check(t, is.Nil(assertion))
1800+
}
1801+
1802+
func TestParseBadXMLResponse(t *testing.T) {
1803+
test := NewServiceProviderTest(t)
1804+
TimeNow = func() time.Time {
1805+
rv, _ := time.Parse(timeFormat, "2021-08-17T10:26:57Z")
1806+
return rv
1807+
}
1808+
Clock = dsig.NewFakeClockAt(TimeNow())
1809+
1810+
sp := ServiceProvider{
1811+
Key: test.Key,
1812+
Certificate: test.Certificate,
1813+
MetadataURL: mustParseURL("http://localhost:8000/saml/metadata"),
1814+
AcsURL: mustParseURL("https://example.com/saml2/acs"),
1815+
IDPMetadata: &EntityDescriptor{},
1816+
}
1817+
1818+
assertion, err := sp.ParseXMLResponse([]byte("<!-- no xml root -->"), []string{})
1819+
assert.Check(t, is.Error(err.(*InvalidResponseError).PrivateErr,
1820+
"invalid xml: no root"))
1821+
assert.Check(t, is.Nil(assertion))
1822+
1823+
assertion, err = sp.ParseXMLResponse([]byte("<invalid xml"), []string{})
1824+
assert.Check(t, is.Error(err.(*InvalidResponseError).PrivateErr,
1825+
"invalid xml: XML syntax error on line 1: unexpected EOF"))
1826+
assert.Check(t, is.Nil(assertion))
17891827
}
17901828

17911829
func TestMultipleAssertions(t *testing.T) {

0 commit comments

Comments
 (0)