Enable huge_tree only when necessary, print the warning to the user

teemtee · Nov 26, 2024 · 21cfe4d · 21cfe4d
1 parent 825cf3d
commit 21cfe4d
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 16 deletions.
diff --git a/tests/report/junit/test.sh b/tests/report/junit/test.sh
@@ -23,6 +23,9 @@ rlJournalStart
 
             # Check there is no schema problem reported
             rlAssertNotGrep 'The generated XML output is not a valid XML file or it is not valid against the XSD schema\.' "$rlRun_LOG"
+
+            # Check the junit plugin prints the warning about huge test output (/test/shell/big-output)
+            rlAssertGrep 'There are huge test outputs or deep XML trees in the generated XML' "$rlRun_LOG"
         rlPhaseEnd
 
         rlPhaseStartTest "[$method] Check the flavor argument is working"
@@ -53,12 +56,14 @@ rlJournalStart
             rlAssertGrep '<test name="/test/shell/pass" value="pass"/>' "custom-template-out.xml"
             rlAssertGrep '<test name="/test/shell/timeout" value="error"/>' "custom-template-out.xml"
             rlAssertGrep '<test name="/test/shell/escape&quot;&lt;speci&amp;l&gt;_chars" value="pass"/>' "custom-template-out.xml"
+            rlAssertGrep '<test name="/test/shell/big-output" value="pass"/>' "custom-template-out.xml"
         rlPhaseEnd
 
         rlPhaseStartTest "[$method] Check the 'custom' flavor with very deep XML trees"
             rlRun -s "tmt run --last -v --id $run_dir execute -h $method report -h junit --file custom-deep-tree-template-out.xml --template-path custom-deep-tree.xml.j2 --flavor custom --force 2>&1 >/dev/null" 2
 
             rlAssertNotGrep 'Excessive depth in document' "$rlRun_LOG"
+            rlAssertGrep 'There are huge test outputs or deep XML trees in the generated XML' "$rlRun_LOG"
         rlPhaseEnd
 
         rlPhaseStartTest "[$method] The 'custom' flavor with a custom **non-XML** template must not work"

diff --git a/tmt/steps/report/junit.py b/tmt/steps/report/junit.py
@@ -311,9 +311,7 @@ def _read_log_filter(log: Path) -> str:
 
     xml_parser_kwargs: dict[str, Any] = {
         'remove_blank_text': prettify,
-        'huge_tree': True,
-        'schema': None,
-        }
+        'schema': None}
 
     # The schema check must be done only for a non-custom JUnit flavors
     if flavor != CUSTOM_FLAVOR_NAME:
@@ -338,30 +336,42 @@ def _read_log_filter(log: Path) -> str:
         # S320: Parsing of untrusted data is known to be vulnerable to XML
         # attacks.
         tree_root: XMLElement = etree.fromstring(xml_data, xml_parser)  # noqa: S320
+    except etree.XMLSyntaxError as error:
+        if any(
+            err_msg in error.msg for err_msg in [
+                'xmlSAX2Characters: huge text node',
+                'Excessive depth in document']):
 
-    except etree.XMLSyntaxError as e:
-        phase.warn(
-            'The generated XML output is not a valid XML file or it is not valid against the '
-            'XSD schema.')
+            phase.warn('There are huge test outputs or deep XML trees in the generated XML, '
+                       "trying again with 'huge_tree' option enabled which allows to use more of "
+                       'the system resources. For more info, please see: '
+                       'https://lxml.de/FAQ.html#is-lxml-vulnerable-to-xml-bombs')
 
-        if flavor != CUSTOM_FLAVOR_NAME:
-            phase.warn('Please, report this problem to project maintainers.')
+            xml_parser_kwargs['huge_tree'] = True
+        else:
+            phase.warn('The generated XML output is not a valid XML file or it is not valid '
+                       'against the XSD schema.')
 
-        for err in e.error_log:
-            phase.warn(str(err))
+            if flavor != CUSTOM_FLAVOR_NAME:
+                phase.warn('Please, report this problem to project maintainers.')
 
-        # Return the prettified XML without checking the XSD
-        del xml_parser_kwargs['schema']
+            for err_log in error.error_log:
+                phase.warn(str(err_log))
 
-        xml_parser = etree.XMLParser(**xml_parser_kwargs)
+            # Disable the checking of XSD schema
+            del xml_parser_kwargs['schema']
 
+        xml_parser = etree.XMLParser(**xml_parser_kwargs)
         try:
             tree_root = etree.fromstring(xml_data, xml_parser)  # noqa: S320
         except etree.XMLSyntaxError as error:
+            for err_log in error.error_log:
+                phase.warn(str(err_log))
+
             phase.verbose('rendered XML', xml_data, 'red')
             raise tmt.utils.ReportError(
-                'The generated XML output is not a valid XML file. Use `--verbose` argument '
-                'to show the output.') from error
+                'The generated XML output is not a valid XML file (SyntaxError). Use `--verbose` '
+                'argument to show the output.') from error
 
     # Do not be fooled by the `encoding` parameter: even with `utf-8`,
     # `tostring()` will still return bytes. `unicode`, on the other