Drupal 7.31

2 files changed, 10 insertions, 0 deletions

diff --git a/modules/openid/openid.inc b/modules/openid/openid.inc
index d7ef663b4..a1da1d0b5 100644
--- a/modules/openid/openid.inc
+++ b/modules/openid/openid.inc
@@ -158,6 +158,11 @@ function _openid_xrds_parse($raw_xml) {
     return array();
   }
 
+  // Also stop parsing if there is an unreasonably large number of tags.
+  if ($dom->getElementsByTagName('*')->length > variable_get('openid_xrds_maximum_tag_count', 30000)) {
+    return array();
+  }
+
   // Parse the DOM document for the information we need.
   if ($xml = simplexml_import_dom($dom)) {
     foreach ($xml->children(OPENID_NS_XRD)->XRD as $xrd) {
diff --git a/modules/simpletest/tests/xmlrpc.test b/modules/simpletest/tests/xmlrpc.test
index 1a0fd86db..1a9ef2349 100644
--- a/modules/simpletest/tests/xmlrpc.test
+++ b/modules/simpletest/tests/xmlrpc.test
@@ -211,6 +211,11 @@ class XMLRPCMessagesTestCase extends DrupalWebTestCase {
    * Make sure that XML-RPC can transfer large messages.
    */
   function testSizedMessages() {
+    // These tests can produce up to 128 x 160 words in the XML-RPC message
+    // (see xmlrpc_test_message_sized_in_kb()) with 4 tags used to represent
+    // each. Set a large enough tag limit to allow this to be tested.
+    variable_set('xmlrpc_message_maximum_tag_count', 100000);
+
     $xml_url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php';
     $sizes = array(8, 80, 160);
     foreach ($sizes as $size) {