Info Call to XML parsing API

Description

Improper XML parsing could lead to several vulnerabilities that could result in arbitrary file access (External XML Entities injection, XML injection) or denial of service (Billion laughs, quadratic blowup).

Recommendation

This entry is informational; no recommendation applies.

Technical details

Method android.support.v7.widget.ActivityChooserModel$PersistHistoryAsyncTask.doInBackground() calling method android.util.Xml.newSerializer()

Couldn't retrieve source code

Method com.sophos.cloud.core.command.d.b() calling method android.util.Xml.newSerializer()


    /**
     * Serializes the collected command results ({@code this.d}) into the file {@code this.b}
     * as an XML document rooted at {@code <SMARTMAN>}, one {@code <result>} element per entry
     * and one {@code <param>} child per parameter.
     *
     * NOTE(review): this is a decompiled listing. The declared local types (a serializer held in
     * {@code java.io.IOException v0_0}, a stream held in {@code String v2_7}, a {@code catch (String ...)})
     * are decompiler artifacts and do not reflect the real types; the control flow is kept as reconstructed.
     *
     * Security note: this is the XML writing path ({@code Xml.newSerializer()}), not a parser, so the
     * XXE / entity-expansion issues named in the finding do not apply here — the entry is informational.
     * Command names, results and parameter name/value strings are emitted via {@code attribute()}; correct
     * escaping by the serializer is what prevents XML injection should any of them originate from
     * untrusted input — TODO confirm for the serializer implementation in use. The location and
     * permissions of {@code this.b} are not visible here; verify the written data is not exposed.
     */
    public void b()
    {
        // Serializer is created before the output file is opened (type is a decompiler artifact).
        java.io.IOException v0_0 = android.util.Xml.newSerializer();
        try {
            // Output stream over the destination file; the exception path below null-checks it.
            String v2_7 = new java.io.FileOutputStream(this.b);
            try {
                v0_0.setOutput(v2_7, "UTF-8");
                // Boolean.valueOf(0) is the decompiler's rendering of a false "standalone" flag — TODO confirm
                v0_0.startDocument("UTF-8", Boolean.valueOf(0));
                v0_0.startTag("", "SMARTMAN");
                String v1_5 = this.d.iterator();
            } catch (java.io.IOException v0_1) {
                // Failure while writing the prologue: best-effort close (logged, not propagated), then rethrow.
                // The rethrow is still inside the outer try, so it is caught again at the bottom of this method.
                if (v2_7 != null) {
                    try {
                        v2_7.close();
                    } catch (String v1_1) {
                        String v2_1 = new StringBuilder();
                        v2_1.append("could not close output stream for file \'");
                        v2_1.append(this.b.getAbsolutePath());
                        v2_1.append("\'");
                        com.sophos.smsec.core.smsectrace.d.b("RESULT", v2_1.toString(), v1_1);
                    }
                }
                throw v0_1;
            }
            // Body: one <result> per command result. NOTE(review): an IOException raised in this loop
            // goes straight to the outer catch, which does not close v2_7 — possible stream leak
            // (as reconstructed; verify against the real bytecode).
            while (v1_5.hasNext()) {
                String v3_16 = ((com.sophos.cloud.core.command.c) v1_5.next());
                v0_0.startTag("", "result");
                v0_0.attribute("", "command", v3_16.a());
                v0_0.attribute("", "result", v3_16.b());
                v0_0.attribute("", "transitionID", String.valueOf(v3_16.d()));
                v0_0.attribute("", "commandID", String.valueOf(v3_16.c()));
                // Nested <param name="…" value="…"/> elements for each parameter of this result.
                String v3_18 = v3_16.e().iterator();
                while (v3_18.hasNext()) {
                    String v4_9 = ((com.sophos.mobilecontrol.client.android.command.definition.CommandParameter) v3_18.next());
                    v0_0.startTag("", "param");
                    v0_0.attribute("", "name", v4_9.getName());
                    v0_0.attribute("", "value", v4_9.getValue());
                    v0_0.endTag("", "param");
                }
                v0_0.endTag("", "result");
            }
            v0_0.endTag("", "SMARTMAN");
            v0_0.endDocument();
            // Normal completion: close the stream; a close failure is logged but not propagated.
            try {
                v2_7.close();
            } catch (java.io.IOException v0_2) {
                String v2_5 = new StringBuilder();
                v2_5.append("could not close output stream for file \'");
                v2_5.append(this.b.getAbsolutePath());
                v2_5.append("\'");
                com.sophos.smsec.core.smsectrace.d.b("RESULT", v2_5.toString(), v0_2);
            }
            return;
        } catch (java.io.IOException v0_1) {
            // Reached when opening the file fails (no stream to close, hence v2_7 = 0) and, via the
            // rethrow above or the write loop, for any other IOException in the outer try. The exception
            // is swallowed here: the caller is not told that the results were not written.
            v2_7 = 0;
        }
    }