Made by DeepSource

Audit required: encoding/xml is unsafe for security-critical operations GO-S0905

Category: Security | Severity: Minor | Tags: OWASP Top 10 A06, A07

Go's encoding/xml is unsafe for security-critical operations such as XML signature validation and SAML.

Using encoding/xml can make your application vulnerable when it performs security-critical operations such as XML signature validation or SAML processing; for other uses, encoding/xml is safe. The problems are round-trip issues: a document can come out of encoding/xml's decoder and encoder different from how it went in, so a component that verifies a signature over a document and a component that consumes it can disagree about its contents. The vulnerability was first reported to the Go team by Mattermost. Their report recommends using "github.com/mattermost/xml-roundtrip-validator" when your application deals with XML signature validation or SAML, because it implements mitigations for several security issues that encoding/xml does not address.

Bad practice

package main

import (
    "encoding/xml"
)

type Person struct {
    Name string `xml:"name"`
    Age  int    `xml:"age"`
}

func Process(input []byte) *Person {
    var p Person
    // No round-trip validation before decoding, and the Unmarshal error is discarded.
    xml.Unmarshal(input, &p)
    return &p
}

Recommended

package main

import (
    "bytes"
    "encoding/xml"
    "errors"

    xrv "github.com/mattermost/xml-roundtrip-validator"
)

type Person struct {
    Name string `xml:"name"`
    Age  int    `xml:"age"`
}

func Process(input []byte) (*Person, error) {
    // Reject any document that encoding/xml would not round-trip faithfully
    // before it reaches the decoder. ValidateAll takes an io.Reader, so the
    // []byte input is wrapped with bytes.NewReader.
    if errs := xrv.ValidateAll(bytes.NewReader(input)); len(errs) != 0 {
        // Process the errors (log them, report the first one, ...)
        return nil, errors.New("invalid xml")
    }

    var p Person
    if err := xml.Unmarshal(input, &p); err != nil {
        return nil, err
    }
    return &p, nil
}
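To make the round-trip idea concrete, here is a minimal stdlib-only check added as an example (it is neither DeepSource's nor Mattermost's code, and it is not how xml-roundtrip-validator is implemented): it tokenizes a document with encoding/xml, re-serializes every token with encoding/xml's own Encoder, and compares the bytes. The sample documents are constructed; the second shows that the Encoder rewrites a namespace prefix into an `xmlns="..."` declaration, so even a well-formed prefixed document fails the naive comparison, which is why a purpose-built validator is needed rather than this check.

```go
package main

import (
	"bytes"
	"encoding/xml"
	"errors"
	"fmt"
	"io"
)

// RoundTrips reports whether doc survives a decode/re-encode pass through
// encoding/xml byte-for-byte. A mismatch means the decoder and the encoder
// disagree about the document, the condition a round-trip validator rejects.
func RoundTrips(doc []byte) (bool, error) {
	dec := xml.NewDecoder(bytes.NewReader(doc))
	var out bytes.Buffer
	enc := xml.NewEncoder(&out)
	for {
		// RawToken leaves namespace prefixes unresolved, as they appear in the input.
		tok, err := dec.RawToken()
		if errors.Is(err, io.EOF) {
			break
		}
		if err != nil {
			return false, fmt.Errorf("decode: %w", err)
		}
		if err := enc.EncodeToken(tok); err != nil {
			return false, fmt.Errorf("encode: %w", err)
		}
	}
	if err := enc.Flush(); err != nil {
		return false, err
	}
	return bytes.Equal(doc, out.Bytes()), nil
}

func main() {
	// Constructed sample documents: an unprefixed one and a prefixed one.
	for _, doc := range []string{
		`<person><name>Alice</name><age>30</age></person>`,
		`<a:person xmlns:a="urn:example"><a:name>Alice</a:name></a:person>`,
	} {
		ok, err := RoundTrips([]byte(doc))
		fmt.Printf("%s\n  round-trips=%v err=%v\n", doc, ok, err)
	}
}
```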
