XML Vulnerabilities

[Ethan Blanton]

Richard Laager spake unto us the following wisdom:
> This is fairly old, but what do people think about these issues:
> http://crisp.cs.du.edu/?q=ca2007-1

Once again, sorry for the delay; I've been out of the country.

We passed this report around when it was first brought to our
attention (before that vulnerability page was created), and decided
these weren't problems we were going to deal with.

The UPnP problem we decided was "real", but not something we were too
concerned about; I think the try_malloc was put in to deal with it in
some fashion.

The XML problem someone (Nathan?) looked at and could not verify; I
think the claim Christian was making at the time was that when parts
of the XML tree were discarded memory was leaked, but Nathan was of
the opinion he missed the operation of a recursive destructor of some
kind.  My memory is pretty spotty on this, so maybe Nathan can clear
that up.  In any case, the pool implemention in the patch we saw then
had some rather serious bugs, and was pretty invasive, and we couldn't
identify any problems it actually fixed.

Ethan

-- 
The laws that forbid the carrying of arms are laws [that have no remedy
for evils].  They disarm only those who are neither inclined nor
determined to commit crimes.
		-- Cesare Beccaria, "On Crimes and Punishments", 1764
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://pidgin.im/cgi-bin/mailman/private/packagers/attachments/20080706/bad52db8/attachment.pgp