MCPcopy Create free account
hub / github.com/SourceCode-AI/aura / analyze

Function analyze

aura/analyzers/xml.py:86–99  ·  view source on GitHub ↗

Detect malformed or potentially malicious XML files

(location: ScanLocation)

Source from the content-addressed store, hash-verified

84
85@Analyzer.ID("xml")
86def analyze(location: ScanLocation):
87 """
88 Detect malformed or potentially malicious XML files
89 """
90 if location.str_location.endswith(".xml"):
91 pass
92 elif location.metadata["mime"] not in ALLOWED_MIMES:
93 return
94
95 # Parsing will stop at the first error so we can't set `True` to all the options as it will shadow the problem
96 # We want to catch also combinations of problems so enumerate each option
97 yield from scan(location, forbid_dtd=True, forbid_entities=False, forbid_external=False)
98 yield from scan(location, forbid_dtd=False, forbid_entities=True, forbid_external=False)
99 yield from scan(location, forbid_dtd=False, forbid_entities=False, forbid_external=True)
100

Callers

nothing calls this directly

Calls 1

scanFunction · 0.70

Tested by

no test coverage detected