From 2771eae0a11f07bd892732232e6ee4e32437230d Mon Sep 17 00:00:00 2001
From: Ben Gruver <bgruv@google.com>
Date: Tue, 8 Mar 2022 14:02:08 -0600
Subject: [PATCH] Use the FEATURE_SECURE_PROCESSING feature for loading
 resource ids

This fixes a potential security issues reported by ready-research at
https://huntr.dev/bounties/c68f1aed-2922-4ebb-9699-00e0aea1d662
---
 .../src/main/java/org/jf/baksmali/BaksmaliOptions.java    | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/baksmali/src/main/java/org/jf/baksmali/BaksmaliOptions.java b/baksmali/src/main/java/org/jf/baksmali/BaksmaliOptions.java
index 76608fb01..a0f757d98 100644
--- a/baksmali/src/main/java/org/jf/baksmali/BaksmaliOptions.java
+++ b/baksmali/src/main/java/org/jf/baksmali/BaksmaliOptions.java
@@ -38,6 +38,7 @@
 import org.xml.sax.SAXException;
 import org.xml.sax.helpers.DefaultHandler;
 
+import javax.xml.XMLConstants;
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.parsers.SAXParser;
 import javax.xml.parsers.SAXParserFactory;
@@ -84,9 +85,12 @@ public class BaksmaliOptions {
     public void loadResourceIds(Map<String, File> resourceFiles) throws SAXException, IOException {
         for (Map.Entry<String, File> entry: resourceFiles.entrySet()) {
             try {
-                SAXParser saxp = SAXParserFactory.newInstance().newSAXParser();
+                SAXParserFactory parserFactory = SAXParserFactory.newInstance();
+                parserFactory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+                SAXParser parser = parserFactory.newSAXParser();
+
                 final String prefix = entry.getKey();
-                saxp.parse(entry.getValue(), new DefaultHandler() {
+                parser.parse(entry.getValue(), new DefaultHandler() {
                     @Override
                     public void startElement(String uri, String localName, String qName,
                                              Attributes attr) throws SAXException {