validator

v0.1.0

Warning: This package is not in the latest version of its module.

Published: Dec 19, 2020 | License: Apache-2.0 | Imports: 5 | Imported by: 153

README

xml-roundtrip-validator

The Go module github.com/mattermost/xml-roundtrip-validator implements mitigations for multiple security issues in Go's encoding/xml. Applications that use encoding/xml for security-critical operations, such as XML signature validation and SAML, may use the Validate and ValidateAll functions to avoid impact from malicious XML inputs.

Usage

Validate
import (
    "strings"

    xrv "github.com/mattermost/xml-roundtrip-validator"
)

func DoStuffWithXML(input string) {
    if err := xrv.Validate(strings.NewReader(input)); err != nil {
        panic(err)
    }
    // validation succeeded, input is safe
    actuallyDoStuffWithXML(input)
}

ValidateAll

import (
    "log"
    "strings"

    xrv "github.com/mattermost/xml-roundtrip-validator"
)

func DoStuffWithXML(input string) {
    if errs := xrv.ValidateAll(strings.NewReader(input)); len(errs) != 0 {
        // range yields (index, value); the error is the second value
        for _, err := range errs {
            // log each error individually
            log.Printf("XML validation error: %v", err)
        }
        return
    }
    // validation succeeded, input is safe
    actuallyDoStuffWithXML(input)
}
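
An added example, not part of the module or its README: a hypothetical helper, GuardedXML, that buffers the input once under a size cap, runs a validator with the ValidateAll signature over the buffer, and returns those same bytes only on success, so the document that was validated is the document that gets parsed. The helper name, the size cap and the stand-in validator in main are assumptions; in real use pass xrv.ValidateAll.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
	"strings"
)

// Validator has the signature of ValidateAll documented on this page.
type Validator func(io.Reader) []error

// ErrTooLarge is returned when the input exceeds the caller's size cap.
var ErrTooLarge = errors.New("xml input exceeds size limit")

// GuardedXML (hypothetical helper) reads r once, validates the buffered
// bytes, and returns them only if the validator reported no errors.
func GuardedXML(r io.Reader, maxBytes int64, validate Validator) ([]byte, error) {
	// Read one byte past the cap so an oversized body is rejected, not truncated.
	buf, err := io.ReadAll(io.LimitReader(r, maxBytes+1))
	if err != nil {
		return nil, fmt.Errorf("reading xml: %w", err)
	}
	if int64(len(buf)) > maxBytes {
		return nil, ErrTooLarge
	}
	if errs := validate(bytes.NewReader(buf)); len(errs) != 0 {
		// Fail closed; wrap the first error so callers can use errors.As on it.
		return nil, fmt.Errorf("xml rejected, %d validation error(s), first: %w", len(errs), errs[0])
	}
	return buf, nil
}

func main() {
	// Stand-in validator (assumption) so the example runs without the module;
	// in real use pass xrv.ValidateAll.
	accept := func(io.Reader) []error { return nil }
	doc, err := GuardedXML(strings.NewReader("<Response/>"), 1<<20, accept)
	fmt.Println(len(doc), err) // signature checks and parsing must use doc, not r
}
```

The returned slice is the only copy that was validated; the original reader is consumed and must not be re-read for signature verification or unmarshalling.
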
CLI

Compiling:

$ go build cmd/xrv.go

Running:

$ ./xrv good.xml
Document validated without errors
$ ./xrv bad.xml 
validator: in token starting at 2:5: roundtrip error: expected {{ :Element} []}, observed {{ Element} []}
$ ./xrv -all bad.xml 
validator: in token starting at 2:5: roundtrip error: expected {{ :Element} []}, observed {{ Element} []}
validator: in token starting at 3:5: roundtrip error: expected {{ Element} [{{ :attr} z}]}, observed {{ Element} [{{ attr} z}]}

Go vulnerabilities addressed

Descriptions of the Go vulnerabilities addressed by this module can be found in the advisories directory. Specifically, the issues addressed are:

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckToken

func CheckToken(before xml.Token) error

CheckToken computes a round trip for a given xml.Token and returns an error if the newly calculated token differs from the original

func Validate

func Validate(xmlReader io.Reader) error

Validate makes sure the given XML bytes survive round trips through encoding/xml without mutations

func ValidateAll

func ValidateAll(xmlReader io.Reader) []error

ValidateAll is like Validate, but instead of returning after the first error, it accumulates errors and validates the entire document

Types

type XMLRoundtripError

type XMLRoundtripError struct {
	Expected, Observed xml.Token
	Overflow           []byte
}

XMLRoundtripError is returned when a round-trip token doesn't match the original

func (XMLRoundtripError) Error

func (err XMLRoundtripError) Error() string

type XMLValidationError

type XMLValidationError struct {
	Start, End, Line, Column int64
	// contains filtered or unexported fields
}

XMLValidationError is returned when validating an XML document fails

func (XMLValidationError) Error

func (err XMLValidationError) Error() string

func (XMLValidationError) Unwrap

func (err XMLValidationError) Unwrap() error
