[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Malicious XML
Karl Waclawek wrote, > > Anyway, their example uses a really trivial internal subset to bring > > down a SOAP server. I wonder if there are more well known XML > > examples that can cause a parser to eat up all memory. > > > > Properly used, Expat is already equipped to handle such situations > > since it allows for a pluggable memory handler. > > Actually, I have to correct myself: > > In Expat, memory isn't eaten up, just lots of CPU cycles. > Same in MSXML4. So a custom memory handler won't work. Any chance of some details of just what it is in the internal subset which triggers this behaviour, and how? Cheers, Miles
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|