From 5574c1237193647ae862c0e27d6f2ace563ad6b2 Mon Sep 17 00:00:00 2001
From: Joas Schilling
Date: Wed, 12 Jul 2023 09:23:37 +0200
Subject: [PATCH] fix(apps): Fix loading info.xml file
Ref: https://bugs.php.net/bug.php?id=62577
Signed-off-by: Joas Schilling
---
 lib/base.php | 5 +++++
 .../App/CodeChecker/DatabaseSchemaChecker.php | 2 +-
 lib/private/App/CodeChecker/InfoChecker.php | 12 ++++++++++++
 lib/private/App/InfoParser.php | 2 +-
 lib/private/DB/MDB2SchemaReader.php | 2 +-
 lib/private/Installer.php | 2 +-
 6 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/lib/base.php b/lib/base.php
index 71d95bf90ba..d7c86c57f65 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -552,6 +552,11 @@ class OC {
 }
 public static function init() {
+ // prevent any XML processing from loading external entities
+ libxml_set_external_entity_loader(static function () {
+ return null;
+ });
+
 // calculate the root directories
 OC::$SERVERROOT = str_replace("\\", '/', substr(__DIR__, 0, -4));
diff --git a/lib/private/App/CodeChecker/DatabaseSchemaChecker.php b/lib/private/App/CodeChecker/DatabaseSchemaChecker.php
index 595a3fe0209..8d0dad63793 100644
--- a/lib/private/App/CodeChecker/DatabaseSchemaChecker.php
+++ b/lib/private/App/CodeChecker/DatabaseSchemaChecker.php
@@ -42,7 +42,7 @@ class DatabaseSchemaChecker {
 libxml_use_internal_errors(true);
 $loadEntities = libxml_disable_entity_loader(false);
- $xml = simplexml_load_file($appPath . '/appinfo/database.xml');
+ $xml = simplexml_load_string(file_get_contents($appPath . '/appinfo/database.xml'));
 libxml_disable_entity_loader($loadEntities);
diff --git a/lib/private/App/CodeChecker/InfoChecker.php b/lib/private/App/CodeChecker/InfoChecker.php
index 038fd34f436..d46a6dbc541 100644
--- a/lib/private/App/CodeChecker/InfoChecker.php
+++ b/lib/private/App/CodeChecker/InfoChecker.php
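Review bot: The comment on the new loader in `OC::init()` (lib/base.php) does not say that `libxml_set_external_entity_loader()` installs a single request-wide callback, so this deny-all default applies to every libxml consumer, not only to app metadata parsing. Any code that needs a local schema has to install its own narrow loader and put this one back afterwards, which is what the InfoChecker hunks of this commit do. I would extend the comment to `// default-deny for all libxml users; code that needs a local XSD must install an allow-list loader and restore this one afterwards`. The body of `init()` continues outside the hunk.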
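Review bot: In lib/private/App/CodeChecker/DatabaseSchemaChecker.php the context line `$loadEntities = libxml_disable_entity_loader(false);` still switches entity loading on around the parse, although the new `simplexml_load_string(file_get_contents(...))` call reads the file in PHP and presumably no longer needs libxml to open it. Keeping the toggle preserves a window in which entity loading is enabled, and `libxml_disable_entity_loader()` is deprecated as of PHP 8.0. If nothing else in these methods depends on it, the save/restore pair around the parse could be removed; the same applies to the InfoParser, MDB2SchemaReader and Installer hunks. The enclosing method starts and ends outside the hunk.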
@@ -44,6 +44,14 @@ class InfoChecker extends BasicEmitter {
 throw new \RuntimeException("No app with given id <$appId> known.");
 }
+ libxml_set_external_entity_loader(static function ($public, $system, $context) {
+ if ($system === \OC::$SERVERROOT . '/resources/app-info.xsd'
+ || \OC::$SERVERROOT . '/resources/app-info-shipped.xsd') {
+ return $system;
+ }
+ return null;
+ });
+
 $xml = new \DOMDocument();
 $xml->load($appPath . '/appinfo/info.xml');
@@ -68,6 +76,10 @@ class InfoChecker extends BasicEmitter {
 }
 }
+ libxml_set_external_entity_loader(static function () {
+ return null;
+ });
+
 return $errors;
 }
diff --git a/lib/private/App/InfoParser.php b/lib/private/App/InfoParser.php
index 6a56259a3f5..4c9926ecdb3 100644
--- a/lib/private/App/InfoParser.php
+++ b/lib/private/App/InfoParser.php
@@ -62,7 +62,7 @@ class InfoParser {
 libxml_use_internal_errors(true);
 $loadEntities = libxml_disable_entity_loader(false);
- $xml = simplexml_load_file($file);
+ $xml = simplexml_load_string(file_get_contents($file));
 libxml_disable_entity_loader($loadEntities);
 if ($xml === false) {
diff --git a/lib/private/DB/MDB2SchemaReader.php b/lib/private/DB/MDB2SchemaReader.php
index b371e1a16b2..46985d2002c 100644
--- a/lib/private/DB/MDB2SchemaReader.php
+++ b/lib/private/DB/MDB2SchemaReader.php
@@ -67,7 +67,7 @@ class MDB2SchemaReader {
 */
 public function loadSchemaFromFile($file, Schema $schema) {
 $loadEntities = libxml_disable_entity_loader(false);
- $xml = simplexml_load_file($file);
+ $xml = simplexml_load_string(file_get_contents($file));
 libxml_disable_entity_loader($loadEntities);
 foreach ($xml->children() as $child) {
 /**
diff --git a/lib/private/Installer.php b/lib/private/Installer.php
index 9be79ac72bb..ce965622b78 100644
--- a/lib/private/Installer.php
+++ b/lib/private/Installer.php
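Review bot: The allow-list in the loader added to InfoChecker does not restrict anything: in `$system === \OC::$SERVERROOT . '/resources/app-info.xsd' || \OC::$SERVERROOT . '/resources/app-info-shipped.xsd'` the right-hand operand of `||` is a non-empty string and therefore always truthy, so the callback returns `$system` for every identifier libxml passes to it. While this loader is installed, parsing an app's info.xml is not protected by the default-deny loader from lib/base.php. The second comparison is missing; the line should read `|| $system === \OC::$SERVERROOT . '/resources/app-info-shipped.xsd') {`. Once the check is strict, `$xml->load($appPath . '/appinfo/info.xml')` may itself be refused, because a file load can go through the same loader (inferred from the other hunks switching to string loading), so `$xml->loadXML(file_get_contents(...))` would likely be needed as well. The enclosing method starts and ends outside the hunk.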
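Review bot: The deny-all loader is put back only on the path that reaches `return $errors;` in the second InfoChecker hunk, so an exception or an earlier return after the allow-list loader was installed would leave that loader active for the rest of the request. The code between the two hunks is not visible here, so this is an inference; if such a path exists, wrapping the section in `try { … } finally { libxml_set_external_entity_loader(static fn () => null); }` makes the restore unconditional. The reset also repeats the default from lib/base.php without saying so; a comment such as `// restore the default-deny loader installed in OC::init()` would tie the two together.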
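Review bot: `file_get_contents($file)` returns `false` when the file is missing or unreadable, and in `MDB2SchemaReader::loadSchemaFromFile()` the parse result is used by `$xml->children()` on the next visible line without a check. An unreadable or malformed schema then ends in a method call on `false` instead of a clear error, whereas the InfoParser hunk is followed by an `if ($xml === false)` guard. I would add the same guard here, for example `if ($xml === false) { throw new \RuntimeException('Unable to read or parse schema file'); }`, with the exception type chosen to match what callers expect. The Installer hunk has the same shape, reading `(string)$xml->id` straight after the parse of a file taken from an extracted app archive.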
@@ -316,7 +316,7 @@ class Installer {
 // Check if appinfo/info.xml has the same app ID as well
 $loadEntities = libxml_disable_entity_loader(false);
- $xml = simplexml_load_file($extractDir . '/' . $folders[0] . '/appinfo/info.xml');
+ $xml = simplexml_load_string(file_get_contents($extractDir . '/' . $folders[0] . '/appinfo/info.xml'));
 libxml_disable_entity_loader($loadEntities);
 if ((string)$xml->id !== $appId) {
 throw new \Exception(