[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: Malicious XML
> Anyway, their example uses a really trivial internal subset > to bring down a SOAP server. I wonder if there are more > well known XML examples that can cause a parser to eat > up all memory. > > Properly used, Expat is already equipped to handle such > situations since it allows for a pluggable memory handler. Actually, I have to correct myself: In Expat, memory isn't eaten up, just lots of CPU cycles. Same in MSXML4. So a custom memory handler won't work. Karl
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|