   Re: [xml-dev] Malicious XML


Karl Waclawek wrote:

>are there any well-known ways to protect against
>malicious XML, e.g. XML that causes your parser
>to eat up all memory?

I can't find a way to produce malicious XML without having extremely large
files, since recursive entity references are not allowed. Here's one
example of a recursive entity reference:

<?xml version="1.0"?>
<!DOCTYPE a [
<!ENTITY a "<element>&b;</element>">
<!ENTITY b "&a;">
]>
<element>&a;</element>

Interestingly enough, this caused MSIE 6 to crash, but I'd say that's
because of the malicious parser. Mozilla 1 does the right thing:

XML Parsing Error: recursive entity reference
Location: file:///E:/test/circle.xml
Line Number 6, Column 10:

<element>&a;</element>
---------^

Has anyone else succeeded in producing a small, malicious and well-formed XML
document?

Gustaf
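
An added example, not part of the message above: it feeds the circle.xml document to Python's expat binding to confirm the parser rejects it, then finds the entity cycle directly from the DTD declarations so a document can be refused before any expansion. The cycle check generalizes the two-entity case to chains of any length; the function names and the NESTED control sample are constructed for this example.

```python
import re
from xml.parsers import expat

# The document from the message above: a references b, b references a.
CIRCLE = b"""<?xml version="1.0"?>
<!DOCTYPE a [
<!ENTITY a "<element>&b;</element>">
<!ENTITY b "&a;">
]>
<element>&a;</element>"""
# Constructed control sample: same nesting, but b no longer points back to a.
NESTED = CIRCLE.replace(b'"&a;"', b'"text"')
REF = re.compile(r"&([A-Za-z_:][\w.:-]*);")  # named references, not &#N;

def parser_verdict(doc):
    """Return expat's error message for doc, or None if it parses cleanly."""
    try:
        expat.ParserCreate().Parse(doc, True)
    except expat.ExpatError as err:
        return expat.ErrorString(err.code)
    return None

def entity_cycle(doc):
    """Return one reference cycle among internal general entities, or None."""
    decls = {}
    def on_decl(name, is_param, value, base, system_id, public_id, notation):
        if not is_param and value is not None:  # internal general entities only
            decls.setdefault(name, REF.findall(value))  # first declaration binds
    parser = expat.ParserCreate()
    parser.EntityDeclHandler = on_decl
    try:
        parser.Parse(doc, True)
    except expat.ExpatError:
        pass  # the DTD was read before the body failed; decls is populated
    safe = set()  # entities already proven cycle-free
    def visit(name, path):
        if name in path:
            return path[path.index(name):] + [name]
        if name in safe:
            return None
        for ref in decls.get(name, ()):
            found = visit(ref, path + [name])
            if found:
                return found
        safe.add(name)
        return None
    # Depth-first search from every declared entity; first cycle found wins.
    return next((c for c in (visit(n, []) for n in decls) if c), None)
```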




Copyright 2001 XML.org. This site is hosted by OASIS