-rw-r--r-- | unoxml/qa/complex/unoxml/RDFRepositoryTest.java | 14 | ||||
-rw-r--r-- | unoxml/qa/complex/unoxml/testdocuments/cve_2012_0037.rdf | 19 |
2 files changed, 33 insertions, 0 deletions
diff --git a/unoxml/qa/complex/unoxml/RDFRepositoryTest.java b/unoxml/qa/complex/unoxml/RDFRepositoryTest.java
index c84ab56547a9..4356de06e7ac 100644
--- a/unoxml/qa/complex/unoxml/RDFRepositoryTest.java
+++ b/unoxml/qa/complex/unoxml/RDFRepositoryTest.java
@@ -543,6 +543,20 @@ public class RDFRepositoryTest
}
}
+ @Test public void checkCVE_2012_0037() throws Exception
+ {
+ XInputStream xIn = new StreamSimulator(
+ TestDocument.getUrl("cve_2012_0037.rdf"), true, param);
+ xRep.importGraph(FileFormat.RDF_XML, xIn, manifest, base);
+ XNamedGraph xGraph = xRep.getGraph(manifest);
+ assertNotNull("no graph", xGraph);
+ XEnumeration xEnum = xGraph.getStatements(foo, bar, null);
+ // there must not be anything more than "EVIL" in the literal
+ XLiteral evil = Literal.create(xContext, "EVIL");
+ Statement FooBarEvil = new Statement(foo, bar, evil, manifest);
+ assertTrue("EVIL", eq(xEnum, new Statement [] { FooBarEvil }));
+ }
+
// utilities -------------------------------------------------------------
public void report2(Exception e)
diff --git a/unoxml/qa/complex/unoxml/testdocuments/cve_2012_0037.rdf b/unoxml/qa/complex/unoxml/testdocuments/cve_2012_0037.rdf
new file mode 100644
index 000000000000..9e2327cef0d8
--- /dev/null
+++ b/unoxml/qa/complex/unoxml/testdocuments/cve_2012_0037.rdf
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<!DOCTYPE rdf [
+ <!ENTITY file SYSTEM "file:///etc/passwd">
+]>
+<!--
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+-->
+<rdf:RDF
+ xmlns:baz="uri:"
+ xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
+ <rdf:Description rdf:about="uri:foo">
+ <baz:bar>EVIL&file;</baz:bar>
+ </rdf:Description>
+</rdf:RDF> |
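Review bot: checkCVE_2012_0037 pins one particular safe outcome — that the `&file;` reference in the test document is dropped so the literal is exactly "EVIL" — rather than the property at stake, which is that no content of the referenced file reaches the graph; an importer that is later hardened to reject the DOCTYPE outright would throw from importGraph and fail this test while being the more conservative fix. That choice deserves a comment above the method, e.g. `// Regression test for CVE-2012-0037: the external entity declared in the test document must not be resolved; the literal must contain nothing but "EVIL".`, or the test should treat an import rejection as a pass as well. The assertion messages `"no graph"` and `"EVIL"` say little when they fire; `"external entity must not be expanded"` would name the check. Two smaller points: the local `FooBarEvil` should be `fooBarEvil`, and xIn is not closed after importGraph, which presumably mirrors the file's other tests outside this hunk but is worth confirming.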