From 6a59d863b08aae9d6b32230cf0082ea30d3e4939 Mon Sep 17 00:00:00 2001
From: k4n5ha0 <9199771@qq.com>
Date: Tue, 4 Oct 2022 10:40:07 +0800
Subject: [PATCH] =?UTF-8?q?XXE=E7=9A=84hook=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

原文： https://github.com/baidu/openrasp/issues/396
好吧，一直没人提，我就提掉了
---
 .../java/com/baidu/openrasp/hook/xxe/DisableDom4jXxeEntity.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/agent/java/engine/src/main/java/com/baidu/openrasp/hook/xxe/DisableDom4jXxeEntity.java b/agent/java/engine/src/main/java/com/baidu/openrasp/hook/xxe/DisableDom4jXxeEntity.java
index d19443b14..e2e9f4427 100644
--- a/agent/java/engine/src/main/java/com/baidu/openrasp/hook/xxe/DisableDom4jXxeEntity.java
+++ b/agent/java/engine/src/main/java/com/baidu/openrasp/hook/xxe/DisableDom4jXxeEntity.java
@@ -41,7 +41,7 @@ public boolean isClassMatched(String className) {
     @Override
     protected void hookMethod(CtClass ctClass) throws IOException, CannotCompileException, NotFoundException {
         String src = getInvokeStaticSrc(DisableDom4jXxeEntity.class, "setFeature", "$0", Object.class);
-        insertBefore(ctClass, "read", null, src);
+        insertBefore(ctClass, "read", "(Lorg/xml/sax/InputSource;)Lorg/dom4j/Document;" , src);
     }
 
     public static void setFeature(Object reader) {