Rooba
/
cpython
mirror of https://github.com/python/cpython.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cpython/Lib/xml/etree
History
Sebastian Pipping 200762426b
[3.9] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (GH-116272) 
Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods:

- `xml.etree.ElementTree.XMLParser.flush`
- `xml.etree.ElementTree.XMLPullParser.flush`
- `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled`
- `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled`
- `xml.sax.expatreader.ExpatParser.flush`

Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 .

Includes code suggested-by: Snild Dolkow <snild@sony.com>
and by core dev Serhiy Storchaka.

Co-authored-by: Gregory P. Smith <greg@krypto.org>
 		2024-03-07 00:03:30 +01:00
..
ElementInclude.py [3.9] Update URLs in comments and metadata to use HTTPS (GH-27458) (GH-27480) 2021-07-30 16:34:04 +02:00
ElementPath.py [3.9] Remove effbot urls (GH-26308). (#92162) 2022-05-02 12:22:05 -06:00
ElementTree.py [3.9] gh-115398: Expose Expat >=2.6.0 reparse deferral API (CVE-2023-52425) (GH-115623) (GH-116272) 2024-03-07 00:03:30 +01:00
__init__.py [3.9] Update URLs in comments and metadata to use HTTPS (GH-27458) (GH-27480) 2021-07-30 16:34:04 +02:00
cElementTree.py bpo-36543: Revert "bpo-36543: Remove the xml.etree.cElementTree module." (GH-20117) (GH-20780) 2020-06-10 18:01:25 +02:00