Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HPCC4J-463 Eliminate External Entity XML parsing #567

Merged
merged 1 commit into from
Jul 1, 2022
Merged

HPCC4J-463 Eliminate External Entity XML parsing #567

merged 1 commit into from
Jul 1, 2022

Conversation

rpastrana
Copy link
Member

@rpastrana rpastrana commented Jun 29, 2022
edited
Loading

  • Provides centralized safer Docbuilder helper method
  • FileSpray and BaseHPCCWsClient to use new safer doc builder

Signed-off-by: Rodrigo Pastrana rodrigo.pastrana@lexisnexisrisk.com

Type of change:

  • This change is a bug fix (non-breaking change which fixes an issue).
  • This change is a new feature (non-breaking change which adds functionality).
  • This change is a breaking change (fix or feature that will cause existing behavior to change).

Checklist:

  • I have created a corresponding JIRA ticket for this submission
  • My code follows the code style of this project.
    • I have applied the Eclipse code-format template provided.
  • My change requires a change to the documentation.
    • I have updated the documentation accordingly, or...
    • I have created a JIRA ticket to update the documentation.
    • Any new interfaces or exported functions are appropriately commented.
  • I have read the HPCC Systems CONTRIBUTORS document (https://github.com/hpcc-systems/HPCC-Platform/wiki/Guide-for-contributors).
  • The change has been fully tested:
    • I have performed unit tests to cover my changes.
    • I have performed system test and covered possible regressions and side effects.
    • I have checked that this change does not introduce memory leaks.
    • I have used Valgrind or similar tools to check for potential issues.
  • I have given due consideration to all of the following potential concerns:
    • Scalability
    • Performance
    • Security
    • Thread-safety
    • Premature optimization
    • Existing deployed queries will not be broken
    • This change fixes the problem, not just the symptom
    • The target branch of this pull request is appropriate for such a change.

Testing:

@rpastrana rpastrana force-pushed the JAPI-463-FileSprayXMLExternalEntity branch from 7734861 to 2dceeb3 Compare June 29, 2022 20:14
@rpastrana rpastrana requested a review from drealeed June 29, 2022 21:16
@rpastrana
Copy link
Member Author

Hi @drealeed please review this PR

@drealeed
Copy link
Collaborator

Looks good, but I don't see a junit test of any kind

@rpastrana
Copy link
Member Author

Thanks @drealeed and great comment regarding the lack of supporting Junit tests...
I will put in tests to ensure the intended settings are indeed set.
And in a separate we hope to add test to ensure the logic actually suppresses external entities (https://track.hpccsystems.com/browse/JAPI-468)

I will mention, the functionality affected by this change is currently covered by pre-existing junit tests...

@rpastrana
HPCC4J-463 Eliminate External Entity XML parsing
31e0b5a 
- Provides centralized safer Docbuilder helper method
- FileSpray and BaseHPCCWsClient to use new safer doc builder
- Adds settings verifying Junit tests

Signed-off-by: Rodrigo Pastrana <rodrigo.pastrana@lexisnexisrisk.com>
@rpastrana rpastrana force-pushed the JAPI-463-FileSprayXMLExternalEntity branch from 2dceeb3 to 31e0b5a Compare June 30, 2022 21:10
@rpastrana
Copy link
Member Author

@drealeed added simple Junit, please give a quick lookover

@rpastrana rpastrana merged commit c760129 into hpcc-systems:candidate-8.8.x Jul 1, 2022
rpastrana added a commit to rpastrana/HPCC4J that referenced this pull request Jul 2, 2022
@rpastrana
HPCC4J-463 Eliminate External Entity XML parsing (hpcc-systems#567)
6e5acc5 
- Provides centralized safer Docbuilder helper method
- FileSpray and BaseHPCCWsClient to use new safer doc builder
- Adds settings verifying Junit tests

Signed-off-by: Rodrigo Pastrana <rodrigo.pastrana@lexisnexisrisk.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drealeed drealeed Awaiting requested review from drealeed

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rpastrana @drealeed