
XML injection (XXE) - Elixir


Need

To prevent potential data exfiltration or remote command execution via XML input.


Context

  1. Usage of Elixir for building scalable and fault-tolerant applications
  2. Usage of sweet_xml for parsing and manipulating XML data
  3. Vulnerability: XML input parsing without proper sanitization

Description

Insecure Code Example

defmodule VulnerableApp do
  import SweetXml, only: [sigil_x: 2]

  # Parses untrusted input with the default options: the underlying
  # xmerl parser processes DTDs and entity declarations as written.
  def parse(xml) do
    xml
    |> SweetXml.parse()
    |> SweetXml.xpath(~x"//data")
  end
end

This code accepts and parses XML input using the SweetXml library without validating or sanitizing the input. SweetXml hands the document to Erlang's xmerl parser, which processes DTDs and entity declarations by default, so a crafted document can declare external entities (XXE) and make the parser read local files or contact other hosts on the attacker's behalf.

Steps

  1. Use a secure XML parser that is configured to reject DTDs (Document Type Definitions).
  2. Sanitize and validate all XML input to ensure it does not contain any unexpected or malicious data.

Secure Code Example

defmodule SecureApp do
  import SweetXml, only: [sigil_x: 2]

  def parse(xml) do
    xml
    |> sanitize_input()
    # `dtd: :none` (sweet_xml 0.7 or later) makes the parser refuse DTDs
    |> SweetXml.parse(dtd: :none)
    |> SweetXml.xpath(~x"//data")
  end

  # Rejects any document that carries a DOCTYPE or ENTITY declaration
  # before it reaches the parser; extend with application-specific checks.
  defp sanitize_input(xml) when is_binary(xml) do
    if Regex.match?(~r/<!(DOCTYPE|ENTITY)/i, xml) do
      raise ArgumentError, "DTDs are not allowed in XML input"
    end

    xml
  end
end

This code rejects XML input that carries a DTD before parsing it and configures the parser itself to refuse DTD processing, so external entities are never resolved and the risk of XML injection is mitigated.
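As an added example (not code from this page or from the sweet_xml project), the two steps above combined into one wrapper that returns tagged tuples instead of raising, with a size limit and handling for the way xmerl reports fatal errors. It assumes sweet_xml 0.7 or later, whose parse/2 accepts `dtd: :none`; the module and function names are hypothetical.

```elixir
# Added example, not the page's own code. Assumes sweet_xml >= 0.7 for
# the `dtd: :none` option; SafeXml and its functions are hypothetical names.
defmodule SafeXml do
  import SweetXml, only: [sigil_x: 2]

  @max_bytes 64 * 1024

  # Accepts a binary and returns {:ok, text} or {:error, reason}.
  def parse_data(xml) when is_binary(xml) do
    with :ok <- check_size(xml),
         :ok <- reject_dtd(xml) do
      do_parse(xml)
    end
  end

  defp check_size(xml) when byte_size(xml) > @max_bytes, do: {:error, :too_large}
  defp check_size(_xml), do: :ok

  # First layer: any DOCTYPE or ENTITY declaration is refused before the
  # document reaches xmerl at all.
  defp reject_dtd(xml) do
    if Regex.match?(~r/<!(DOCTYPE|ENTITY)/i, xml),
      do: {:error, :dtd_not_allowed},
      else: :ok
  end

  # Second layer: `dtd: :none` makes the parser refuse DTD processing even
  # if the pre-check is ever bypassed. xmerl signals fatal errors with
  # exit/1 rather than raise/1, so both exceptions and exits are caught.
  defp do_parse(xml) do
    try do
      value =
        xml
        |> SweetXml.parse(dtd: :none)
        |> SweetXml.xpath(~x"//data/text()"s)

      {:ok, value}
    rescue
      _ -> {:error, :invalid_xml}
    catch
      :exit, _ -> {:error, :invalid_xml}
    end
  end
end

# Constructed inputs: a plain document and one carrying an internal DTD.
IO.inspect(SafeXml.parse_data("<root><data>hello</data></root>"))
IO.inspect(SafeXml.parse_data(~s(<!DOCTYPE root [<!ENTITY g "hi">]><root><data>&g;</data></root>)))
```

The first call yields the element text, the second is rejected by the pre-check before xmerl ever sees the DOCTYPE.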


References

  • 083 - XML injection (XXE)

  • Last updated: 2023/09/18