Swift

Made by DeepSource

Audit: Use of potentially insecure options during XML parsing SW-A1001

Security
Critical
Tags: CWE-79, SANS Top 25, CWE-95, CWE-749

Setting the shouldResolveExternalEntities option to true in the XMLParser instance can make your application vulnerable to XXE attacks.

An XXE attack occurs when an attacker tricks an XML parser into processing external entities from a malicious XML input. These external entities could include references to files on the system, network resources, or other sensitive data.

This can lead to various security issues, including:

- Data Leakage: Attackers can exfiltrate sensitive information by exploiting the XML parser to load and include arbitrary files.
- Denial of Service: By requesting excessively large files or resources, attackers can consume system resources and cause denial-of-service (DoS) conditions.
- Server-Side Request Forgery (SSRF): Attackers can make the XML parser perform network requests to internal resources, potentially disclosing sensitive data or facilitating further attacks.

The recommendation is to disable external entity handling when parsing untrusted XML data. You can achieve this by either leaving the shouldResolveExternalEntities option unset (it should default to false in recent versions of XMLParser) or explicitly setting it to false.

Bad Practice

let parser = XMLParser(data: untrustedData)

// `shouldResolveExternalEntities` has been explicitly enabled
parser.shouldResolveExternalEntities = true

Recommended

let parser = XMLParser(data: untrustedData)

// `shouldResolveExternalEntities` is explicitly disabled here; it is also disabled by default,
// so leaving the option unset is equivalent
parser.shouldResolveExternalEntities = false
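The following is an added, self-contained example (not DeepSource's or Apple's code) showing the recommended configuration inside a small delegate-based parser. It assumes Foundation's `XMLParser`, `XMLParserDelegate` and the `externalEntityResolvingPolicy` property (an additional Foundation setting used here for defense in depth); the `HardenedXMLCollector` class and the constructed XML document are hypothetical. The input deliberately declares an external entity pointing at a placeholder path so you can confirm that, with resolution disabled, no external content ever reaches the collected element text.

```swift
import Foundation

// Added example (not part of the DeepSource rule page): a hardened wrapper around
// Foundation's XMLParser that refuses to resolve external entities and collects
// element text so the caller can inspect what the parser actually produced.
final class HardenedXMLCollector: NSObject, XMLParserDelegate {
    private(set) var elements: [String: String] = [:]
    private(set) var errors: [Error] = []
    private(set) var externalEntityDeclarations: [String] = []
    private var buffer = ""

    /// Parses untrusted XML with external entity resolution disabled.
    /// Returns true when the document parsed without a fatal error.
    func parse(_ data: Data) -> Bool {
        let parser = XMLParser(data: data)
        parser.delegate = self
        // The setting this rule is about: never resolve external entities from untrusted input.
        parser.shouldResolveExternalEntities = false
        // Defense in depth (Foundation API, assumed available on the target platform):
        // .never blocks resolution regardless of the flag above.
        parser.externalEntityResolvingPolicy = .never
        return parser.parse()
    }

    func parser(_ parser: XMLParser, didStartElement elementName: String,
                namespaceURI: String?, qualifiedName qName: String?,
                attributes attributeDict: [String: String] = [:]) {
        buffer = ""
    }

    func parser(_ parser: XMLParser, foundCharacters string: String) {
        buffer += string
    }

    func parser(_ parser: XMLParser, didEndElement elementName: String,
                namespaceURI: String?, qualifiedName qName: String?) {
        elements[elementName] = buffer.trimmingCharacters(in: .whitespacesAndNewlines)
    }

    // Record external entity declarations so they can be logged or rejected outright.
    func parser(_ parser: XMLParser, foundExternalEntityDeclarationWithName name: String,
                publicID: String?, systemID: String?) {
        externalEntityDeclarations.append("\(name) -> \(systemID ?? "<no system id>")")
    }

    func parser(_ parser: XMLParser, parseErrorOccurred parseError: Error) {
        errors.append(parseError)
    }
}

// Constructed, untrusted input: declares an external entity that points at a
// placeholder path (not a real file) and references it inside <body>.
let untrustedXML = """
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE note [
  <!ENTITY ext SYSTEM "file:///nonexistent/placeholder.txt">
]>
<note>
  <to>ops-team</to>
  <body>&ext;</body>
</note>
"""

let collector = HardenedXMLCollector()
let succeeded = collector.parse(Data(untrustedXML.utf8))

print("parse succeeded: \(succeeded)")
print("external entity declarations seen: \(collector.externalEntityDeclarations)")
print("collected elements: \(collector.elements)")
print("parse errors: \(collector.errors.map { $0.localizedDescription })")
```

Because `shouldResolveExternalEntities` is false, the contents of the referenced path never appear in `elements["body"]`; the declaration itself is still reported to `foundExternalEntityDeclarationWithName`, which is a convenient hook for logging or for rejecting any untrusted document that carries a DOCTYPE with external entities at all. Exactly how an unresolved reference is surfaced (an empty body or a parse error) depends on the Foundation version, so inspect both `elements` and `errors` on your platform.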