   Re: [xml-dev] Malicious XML

> ** Reply to message from "Karl Waclawek" <karl@waclawek.net> on Thu, 14 Nov
> 2002 16:15:41 -0500
> 
> > are there any well-known ways to protect against
> > malicious XML, e.g. XML that causes your parser
> > to eat up all memory?
> 
> Disconnect your machine from any networks before you start parsing.

Well, we - the Expat team - have just been notified of a
"security vulnerability" in Expat by a company called Sanctum,
http://www.sanctuminc.com/ .
No idea who they are, and I don't agree with their assessment,
i.e. it is not Expat's job to check memory use. That is
the memory manager's job.

Anyway, their example uses a really trivial internal subset
to bring down a SOAP server. I wonder if there are more
well known XML examples that can cause a parser to eat
up all memory.

Properly used, Expat is already equipped to handle such
situations since it allows for a pluggable memory handler.

Karl
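An added example to go with the question above (it is not part of Karl's message, not Expat's own code, and not the document Sanctum reported). The classic small internal subset that makes a parser eat memory is nested entity expansion: a chain of entities in which each one references the previous one several times, so one reference in the body expands to an exponential amount of text. Expat's C API lets you plug in your own allocator (XML_ParserCreate_MM with an XML_Memory_Handling_Suite of malloc_fcn/realloc_fcn/free_fcn) and fail allocations past a budget; Python's bundled Expat binding (xml.parsers.expat) does not expose that suite, so this script bounds the damage one level earlier, using the entity-declaration and end-of-DOCTYPE callbacks it does expose: it records every internal general entity, and when the internal subset closes, before anything has been expanded into content, it computes each entity's fully expanded size from the complete table and aborts the parse if any passes a budget. The sample documents, the 1 MiB default budget, and all function names are constructed for this example.

```python
import re
import xml.parsers.expat as expat

# Expat hands EntityDeclHandler the literal replacement text: character references
# are already resolved, general entity references are still written as "&name;".
ENTITY_REF = re.compile(r"&([^\s&;#][^\s&;]*);")


class EntityExpansionTooLarge(Exception):
    """Some internal entity would expand beyond the configured budget."""


def expanded_sizes(decls, max_expansion):
    """Size in characters of each internal general entity after full expansion.

    decls maps entity name -> literal replacement text. Forward references are
    handled because everything is resolved recursively from the complete table,
    and the walk aborts as soon as one entity passes max_expansion, so checking
    an attack document costs about as much as reading its internal subset.
    """
    sizes = {}
    in_progress = set()

    def size_of(name):
        if name in sizes:
            return sizes[name]
        if name in in_progress:
            return 0  # recursive entity: a well-formedness error Expat rejects itself
        value = decls.get(name)
        if value is None:
            return len(name) + 2  # not declared here: count the literal "&name;"
        in_progress.add(name)
        total, pos = 0, 0
        for m in ENTITY_REF.finditer(value):
            total += (m.start() - pos) + size_of(m.group(1))
            pos = m.end()
            if total > max_expansion:
                raise EntityExpansionTooLarge(f"entity {name!r} expands past {max_expansion} chars")
        total += len(value) - pos
        if total > max_expansion:
            raise EntityExpansionTooLarge(f"entity {name!r} expands past {max_expansion} chars")
        in_progress.discard(name)
        sizes[name] = total
        return total

    for name in decls:
        size_of(name)
    return sizes


def parse_with_entity_budget(data, max_expansion=1 << 20):
    """Parse data with Expat; refuse, before any content is expanded, if some
    internal entity would expand beyond max_expansion characters.

    Returns (concatenated character data, {entity name: expanded size}).
    """
    decls, sizes, text = {}, {}, []

    def entity_decl(name, is_param, value, base, system_id, public_id, notation):
        # Only internal general entities expand into content; parameter and
        # external entities are left to Expat's own handling.
        if not is_param and value is not None:
            decls[name] = value

    def end_doctype():
        # Called after the internal subset and before the first element, so
        # every declaration is known and nothing has been expanded yet.
        sizes.update(expanded_sizes(decls, max_expansion))

    p = expat.ParserCreate()
    p.EntityDeclHandler = entity_decl
    p.EndDoctypeDeclHandler = end_doctype
    p.CharacterDataHandler = text.append
    p.Parse(data, True)  # an exception raised in a handler propagates out of Parse()
    return "".join(text), sizes


def would_reject(data, max_expansion=1 << 20):
    """True if parse_with_entity_budget would refuse the document."""
    try:
        parse_with_entity_budget(data, max_expansion)
    except EntityExpansionTooLarge:
        return True
    return False


# Constructed sample input (not from the thread): a harmless nested entity.
SMALL_DOC = (b'<?xml version="1.0"?>'
             b'<!DOCTYPE doc [<!ENTITY greet "hello"><!ENTITY twice "&greet; &greet;">]>'
             b'<doc>&twice;</doc>')


def nested_entities(depth=9, fanout=10, outermost_first=False):
    """Constructed attack document: each level references the previous one
    fanout times, so the last entity expands to 3 * fanout**depth characters.
    With outermost_first=True the declarations are emitted in reverse order,
    which defeats a check that only looks at entities declared so far."""
    decls = ['<!ENTITY lol "lol">']
    for i in range(1, depth + 1):
        prev = "lol" if i == 1 else f"lol{i - 1}"
        refs = f"&{prev};" * fanout
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    if outermost_first:
        decls.reverse()
    body = f'<?xml version="1.0"?><!DOCTYPE doc [{"".join(decls)}]><doc>&lol{depth};</doc>'
    return body.encode()


if __name__ == "__main__":
    print(parse_with_entity_budget(SMALL_DOC))
    print(would_reject(nested_entities()), would_reject(nested_entities(outermost_first=True)))
```

Two caveats a practitioner should keep in mind. The budget is per entity, not per document: a body that references a near-budget entity N times still expands to N times the budget, so pair this with a limit on input size (or count character data as it arrives). Default attribute values in ATTLIST declarations are expanded by Expat while the DTD is still being read, before the end-of-DOCTYPE callback fires, so that path is not covered here; Expat releases from 2.4.0 on have a built-in amplification limit for exactly these cases (XML_SetBillionLaughsAttackProtectionMaximumAmplification in the C API), and the pluggable allocator Karl mentions remains the backstop that catches whatever slips through any such heuristic.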

Copyright 2001 XML.org. This site is hosted by OASIS