[
Lists Home |
Date Index |
Thread Index
]
On Thu, Nov 14, 2002 at 04:15:41PM -0500, Karl Waclawek wrote:
> Just curious,
>
> are there any well-known ways to protect against
> malicious XML, e.g. XML that causes your parser
> to eat up all memory?
Provide your own memory allocator and put some application
based controls. Even if the parser operates on constant memory
(or memory proportional to the depth of the tree), there will
be problems on the consuming side anyway.
I think everybody doing XML processing on embedded systems is
used to implement those, but it may not have reached more general
processing environments.
Daniel
--
Daniel Veillard | Red Hat Network https://rhn.redhat.com/
veillard@redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
|