mirror of https://github.com/python/cpython
6a95676bb5
Allow controlling Expat >=2.6.0 reparse deferral (CVE-2023-52425) by adding five new methods: - `xml.etree.ElementTree.XMLParser.flush` - `xml.etree.ElementTree.XMLPullParser.flush` - `xml.parsers.expat.xmlparser.GetReparseDeferralEnabled` - `xml.parsers.expat.xmlparser.SetReparseDeferralEnabled` - `xml.sax.expatreader.ExpatParser.flush` Based on the "flush" idea from https://github.com/python/cpython/pull/115138#issuecomment-1932444270 . ### Notes - Please treat as a security fix related to CVE-2023-52425. Includes code suggested-by: Snild Dolkow <snild@sony.com> and by core dev Serhiy Storchaka. |
||
|---|---|---|
| .. | ||
| COPYING | ||
| ascii.h | ||
| asciitab.h | ||
| expat.h | ||
| expat_config.h | ||
| expat_external.h | ||
| iasciitab.h | ||
| internal.h | ||
| latin1tab.h | ||
| nametab.h | ||
| pyexpatns.h | ||
| siphash.h | ||
| utf8tab.h | ||
| winconfig.h | ||
| xmlparse.c | ||
| xmlrole.c | ||
| xmlrole.h | ||
| xmltok.c | ||
| xmltok.h | ||
| xmltok_impl.c | ||
| xmltok_impl.h | ||
| xmltok_ns.c | ||