The branch, QA_3_3 has been updated via c96500ff1d028b2bbc75e0d36ca6b151723b2ad6 (commit) via 4bd5476eed81cb17d2869bfe5f45942293bf381c (commit) via 75606e5f82280eb1a3817badf1b24d512a010b80 (commit) via 1a89c8ecfd09ceace81fb11e488f12599c0e49b6 (commit) via 2fbf631384fd8cded55f4500cb87b129442f9ed2 (commit) via 5fa86b8e81565c15ddbc359e8f59ecd829a2b717 (commit) via e3d3ef7af2915cf30bf6f3e69e75f9eb58d94be9 (commit) via bd92c092cd422667097e98a3cd8ebc0140338244 (commit) via c79375598d46552fc1717f798a6560f9a1cdc102 (commit) from a60420aa5003426174dde15a0cecfc05579a37bb (commit)
- Log ----------------------------------------------------------------- commit c96500ff1d028b2bbc75e0d36ca6b151723b2ad6 Author: Marc Delisle marc@infomarc.info Date: Thu Nov 10 08:43:40 2011 -0500
3.3.10.5 release
commit 4bd5476eed81cb17d2869bfe5f45942293bf381c Merge: a60420a 75606e5 Author: Marc Delisle marc@infomarc.info Date: Thu Nov 10 08:36:26 2011 -0500
Merge branch 'MAINT_3_3_10' into QA_3_3
-----------------------------------------------------------------------
Summary of changes: ChangeLog | 4 +++ Documentation.html | 6 +++++ db_datadict.php | 2 +- libraries/import/ods.php | 12 +++++++++++ libraries/import/xml.php | 50 ++++++++++++++++++++++++++++----------------- 5 files changed, 54 insertions(+), 20 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index ec15343..2a74855 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,10 @@ $HeadURL: https://phpmyadmin.svn.sourceforge.net/svnroot/phpmyadmin/trunk/phpMyA
3.3.11.0 (not yet released)
+3.3.10.5 (2011-11-10)
+- [security] Fixed possible local file inclusion in XML import
+(CVE-2011-4107).
+
 3.3.10.4 (2011-08-24) - [security] Missing sanitization on the table, column and index names leads to XSS vulnerabilities, see PMASA-2011-13
diff --git a/Documentation.html b/Documentation.html
index 229e8bb..d9bcf0e 100644
--- a/Documentation.html
+++ b/Documentation.html
@@ -81,6 +81,12 @@ vim: expandtab ts=4 sw=4 sts=4 tw=78 </li> <li>To support upload progress bars, see <a href="#faq2_9"> <abbr title="Frequently Asked Questions">FAQ</abbr> 2.9</a>.</li>
+ <li>To support BLOB streaming, see PHP and MySQL requirements
+ in <a href="#faq6_25">
+ <abbr title="Frequently Asked Questions">FAQ</abbr> 6.25</a>.</li>
+ <li>To support XML and Open Document Spreadsheet importing,
+ you need PHP 5.2.17 or newer and the
+ <a href="http://www.php.net/libxml"><tt>libxml</tt></a> extension.</li>
 </ul> </li> <li><b>MySQL</b> 5.0 or newer (<a href="#faq1_17">details</a>);</li>
diff --git a/db_datadict.php b/db_datadict.php
index 0c16cb7..086d7be 100644
--- a/db_datadict.php
+++ b/db_datadict.php
@@ -70,7 +70,7 @@ while ($row = PMA_DBI_fetch_assoc($rowset)) { echo '<div>' . "\n"; }
- echo '<h2>' . $table . '</h2>' . "\n";
+ echo '<h2>' . htmlspecialchars($table) . '</h2>' . "\n";
/** * Gets table informations
diff --git a/libraries/import/ods.php b/libraries/import/ods.php
index 81aed5e..dcc6a51 100644
--- a/libraries/import/ods.php
+++ b/libraries/import/ods.php
@@ -14,6 +14,13 @@ if (! defined('PHPMYADMIN')) { }
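Review bot: `htmlspecialchars($table)` on the added line relies on the default flag set, which on the PHP versions this branch targets is ENT_COMPAT and leaves single quotes untouched; that is adequate for the `<h2>` text node here, but the same expression becomes unsafe the moment it is copied into an attribute context. Passing the flags explicitly, `htmlspecialchars($table, ENT_QUOTES)`, makes the escaping context-independent, and the charset argument is worth settling at the same time since the page is emitted as UTF-8 elsewhere in the project (not visible here). The enclosing `while ($row = PMA_DBI_fetch_assoc($rowset))` loop begins outside the hunk, so whether `$table` is echoed unescaped anywhere else in that loop cannot be checked from this hunk.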
/**
+ * We need way to disable external XML entities processing.
+ */
+if (!function_exists('libxml_disable_entity_loader')) {
+ return;
+}
+
+/**
 * The possible scopes for $plugin_param are: 'table', 'database', and 'server' */
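Review bot: The file-level `return` when `libxml_disable_entity_loader` does not exist fails closed, which is the right choice for an external-entity fix, but it does so silently: the plugin file simply stops being loaded and nothing tells the administrator why the format disappeared from the import list. A comment stating the intent, such as `// Fail closed: without libxml_disable_entity_loader() external entities cannot be blocked, so this plugin is unavailable (see Documentation.html for the PHP requirement)`, would save the next maintainer a debugging session, and a user-visible notice would be better still if the import framework offers one (not visible here). The same guard is added to libraries/import/xml.php in the later hunk and the comment belongs there as well.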
@@ -62,6 +69,11 @@ while (! ($finished && $i >= $len) && ! $error && ! $timeout_passed) { unset($data);
/**
+ * Disable loading of external XML entities.
+ */
+libxml_disable_entity_loader();
+
+/**
 * Load the XML string * * The option LIBXML_COMPACT is specified because it can
diff --git a/libraries/import/xml.php b/libraries/import/xml.php
index f62328e..9298225 100644
--- a/libraries/import/xml.php
+++ b/libraries/import/xml.php
@@ -13,6 +13,13 @@ if (! defined('PHPMYADMIN')) { }
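Review bot: `libxml_disable_entity_loader();` throws away the previous loader state, and the setting applies to the whole libxml state of the worker rather than to this one parse (and historically was not reset between requests); the function returns the old value precisely so callers can restore it. Capturing it with `$prev_loader = libxml_disable_entity_loader(true);` and restoring it via `libxml_disable_entity_loader($prev_loader);` once the XML has been loaded keeps the hardening local to the import and avoids surprising other code in the same process that legitimately resolves external entities. Disabling the loader blocks external entity fetches but not the expansion of internal entities declared in an uploaded file's DTD, so a short comment noting that limit, and adding `LIBXML_NONET` to the load options next to the `LIBXML_COMPACT` mentioned below (that call is outside the hunk), would document and strengthen the intent. The hunk in libraries/import/xml.php that adds the same call has the same issue.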
/**
+ * We need way to disable external XML entities processing.
+ */
+if (!function_exists('libxml_disable_entity_loader')) {
+ return;
+}
+
+/**
 * The possible scopes for $plugin_param are: 'table', 'database', and 'server' */
@@ -57,6 +64,11 @@ while (! ($finished && $i >= $len) && ! $error && ! $timeout_passed) { unset($data);
/**
+ * Disable loading of external XML entities.
+ */
+libxml_disable_entity_loader();
+
+/**
 * Load the XML string * * The option LIBXML_COMPACT is specified because it can
@@ -141,19 +153,19 @@ if (isset($namespaces['pma'])) { * Get structures for all tables */ $struct = $xml->children($namespaces['pma']);
-
+
 $create = array();
-
+
 foreach ($struct as $tier1 => $val1) { foreach($val1 as $tier2 => $val2) { /* Need to select the correct database for the creation of tables, views, triggers, etc. */ /**
- * @todo Generating a USE here blocks importing of a table
- * into another database.
+ * @todo Generating a USE here blocks importing of a table
+ * into another database.
 */ $attrs = $val2->attributes(); $create[] = "USE " . PMA_backquote($attrs["name"]);
-
+
 foreach ($val2 as $val3) { /** * Remove the extra cosmetic spacing
@@ -163,7 +175,7 @@ if (isset($namespaces['pma'])) { } } }
-
+
 $struct_present = true; }
@@ -179,13 +191,13 @@ $data_present = false; */ if (@count($xml->children())) { $data_present = true; - + /** * Process all database content */ foreach ($xml as $k1 => $v1) { $tbl_attr = $v1->attributes(); - + $isInTables = false; for ($i = 0; $i < count($tables); ++$i) { if (! strcmp($tables[$i][TBL_NAME], (string)$tbl_attr['name'])) { @@ -193,11 +205,11 @@ if (@count($xml->children())) { break; } } - + if ($isInTables == false) { $tables[] = array((string)$tbl_attr['name']); } - + foreach ($v1 as $k2 => $v2) { $row_attr = $v2->attributes(); if (! array_search((string)$row_attr['name'], $tempRow)) @@ -206,17 +218,17 @@ if (@count($xml->children())) { } $tempCells[] = (string)$v2; } - + $rows[] = array((string)$tbl_attr['name'], $tempRow, $tempCells); - + $tempRow = array(); $tempCells = array(); } - + unset($tempRow); unset($tempCells); unset($xml); - + /** * Bring accumulated rows into the corresponding table */ @@ -227,17 +239,17 @@ if (@count($xml->children())) { if (! isset($tables[$i][COL_NAMES])) { $tables[$i][] = $rows[$j][COL_NAMES]; } - + $tables[$i][ROWS][] = $rows[$j][ROWS]; } } } - + unset($rows); - + if (! $struct_present) { $analyses = array(); - + $len = count($tables); for ($i = 0; $i < $len; ++$i) { $analyses[] = PMA_analyzeTable($tables[$i]); @@ -289,7 +301,7 @@ if (strlen($db)) { if ($db_name === NULL) { $db_name = 'XML_DB'; } - + /* Set database collation/charset */ $options = array( 'db_collation' => $collation,