[Cabal] [Fwd: xmlnode memory leak patch]

Ethan Blanton elb at psg.com
Sun Dec 31 13:41:07 EST 2006

Luke Schierer spake unto us the following wisdom:
> Does this have security implications that it is not being discussed on
> -devel?

Yes.  Malformed XML sent on Jabber, Bonjour, or UPnP can cause us to
leak an arbitrary (chosen by the "attacker") amount of memory.


The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
		-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/cgi-bin/mailman/private/cabal/attachments/20061231/db7bde47/attachment.pgp 

More information about the Cabal mailing list