Re: Malicious XML
> ** Reply to message from "Karl Waclawek" <karl@w...> on Thu, 14 Nov
> 2002 16:15:41 -0500
>
> > are there any well-known ways to protect against
> > malicious XML, e.g. XML that causes your parser
> > to eat up all memory?
>
> Disconnect your machine from any networks before you start parsing.

Well - we - the Expat team have just been notified of a "security vulnerability" in Expat by a company called Sanctum, http://www.sanctuminc.com/ . No idea who they are, and I don't agree with their assessment, i.e. it is not Expat's job to check memory use. That is the memory manager's job.

Anyway, their example uses a really trivial internal subset to bring down a SOAP server. I wonder if there are more well known XML examples that can cause a parser to eat up all memory.

Properly used, Expat is already equipped to handle such situations since it allows for a pluggable memory handler.

Karl
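The pluggable memory handler mentioned in the message can be used to enforce a hard memory budget per parse. The following is an added example, not part of the original message and not Expat's own code: an allocator with the three function signatures of Expat's `XML_Memory_Handling_Suite`. The 1 MiB cap and the names `capped_malloc`, `capped_realloc`, `capped_free`, `budget_used` and `hdr_t` are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed cap on live parser memory: 1 MiB (choose per deployment). */
#define PARSE_BUDGET ((size_t)1 << 20)
/* Header stored before each block; the union keeps the payload aligned. */
typedef union { size_t size; long double ld; void *p; long long ll; } hdr_t;
size_t budget_used = 0; /* payload bytes currently live; single-threaded use */

/* Same signature as Expat's malloc_fcn. */
void *capped_malloc(size_t size) {
    if (size > PARSE_BUDGET - budget_used) return NULL; /* would exceed cap */
    hdr_t *h = malloc(sizeof(hdr_t) + size);
    if (!h) return NULL;
    h->size = size;
    budget_used += size;
    return h + 1;
}

/* Same signature as Expat's free_fcn. */
void capped_free(void *ptr) {
    if (!ptr) return;
    hdr_t *h = (hdr_t *)ptr - 1;
    budget_used -= h->size;
    free(h);
}

/* Same signature as Expat's realloc_fcn; on refusal the old block stays valid. */
void *capped_realloc(void *ptr, size_t size) {
    if (!ptr) return capped_malloc(size);
    hdr_t *h = (hdr_t *)ptr - 1;
    size_t old = h->size;
    if (size > old && size - old > PARSE_BUDGET - budget_used) return NULL;
    h = realloc(h, sizeof(hdr_t) + size);
    if (!h) return NULL;
    h->size = size;
    budget_used = budget_used - old + size;
    return h + 1;
}

/* Wiring into Expat (needs <expat.h>; left out so this file compiles alone):
     XML_Memory_Handling_Suite ms = { capped_malloc, capped_realloc, capped_free };
     XML_Parser p = XML_ParserCreate_MM(NULL, &ms, NULL);  */
int main(void) {
    void *a = capped_malloc(4096);
    printf("grow refused: %d\n", capped_realloc(a, PARSE_BUDGET + 1) == NULL);
    capped_free(a);
    return 0;
}
```

With such a suite installed, an allocation refused by the cap reaches the caller as `XML_ERROR_NO_MEMORY` instead of the process growing without bound.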