From 90e884ad0f7f2cf269d953f7d70966de9fd821ff Mon Sep 17 00:00:00 2001
From: David Rothstein <drothstein@gmail.com>
Date: Wed, 6 Aug 2014 13:14:03 -0400
Subject: Drupal 7.31

---
 modules/openid/openid.inc | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'modules/openid')

diff --git a/modules/openid/openid.inc b/modules/openid/openid.inc
index d7ef663b4..a1da1d0b5 100644
--- a/modules/openid/openid.inc
+++ b/modules/openid/openid.inc
@@ -158,6 +158,11 @@ function _openid_xrds_parse($raw_xml) {
     return array();
   }
 
+  // Also stop parsing if there is an unreasonably large number of tags.
+  if ($dom->getElementsByTagName('*')->length > variable_get('openid_xrds_maximum_tag_count', 30000)) {
+    return array();
+  }
+
   // Parse the DOM document for the information we need.
   if ($xml = simplexml_import_dom($dom)) {
     foreach ($xml->children(OPENID_NS_XRD)->XRD as $xrd) {
-- 
cgit v1.2.3