comparison libpurple/tests/test_xmlnode.c @ 31680:c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
billion laughs attack. I think because we specify NULL as the entity
resolver, attempts to define entities in an xml doc just get ignored.
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Wed, 22 Jun 2011 17:43:51 +0000 |
| parents | |
| children | 114a98da1a5f 3828a61c44da |
| 31679:ec1e6b5893a0 | 31680:c8f91310bfbf |
|---|---|
| 1 #include <string.h> | |
| 2 | |
| 3 #include "tests.h" | |
| 4 #include "../xmlnode.h" | |
| 5 | |
| 6 /* | |
| 7 * If we really wanted to test the billion laughs attack we would | |
| 8 * need to have more than just 4 ha's. But as long as this shorter | |
| 9 * document fails to parse, the longer one should also fail to parse. | |
| 10 */ | |
| 11 START_TEST(test_xmlnode_billion_laughs_attack) | |
| 12 { | |
| 13 const char *malicious_xml_doc = "<!DOCTYPE root [ <!ENTITY ha \"Ha !\"><!ENTITY ha2 \"&ha; &ha;\"><!ENTITY ha3 \"&ha2; &ha2;\"> ]><root>&ha3;</root>"; | |
| 14 | |
| 15 /* Uncomment this line if you want to see the error message given by | |
| 16 the parser for the above XML document */ | |
| 17 /* purple_debug_set_enabled(TRUE); */ | |
| 18 | |
| 19 fail_if(xmlnode_from_str(malicious_xml_doc, -1), | |
| 20 "xmlnode_from_str() returned an XML tree, but we didn't want it to"); | |
| 21 } | |
| 22 END_TEST | |
| 23 | |
| 24 Suite * | |
| 25 xmlnode_suite(void) | |
| 26 { | |
| 27 Suite *s = suite_create("Utility Functions"); | |
| 28 | |
| 29 TCase *tc = tcase_create("xmlnode"); | |
| 30 tcase_add_test(tc, test_xmlnode_billion_laughs_attack); | |
| 31 suite_add_tcase(s, tc); | |
| 32 | |
| 33 return s; | |
| 34 } |
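Review bot: The only assertion in test_xmlnode_billion_laughs_attack is the negative one at line 19, so the test also passes if xmlnode_from_str() rejects every input, and it cannot tell "entity declarations are rejected" apart from any other reason the document fails to parse; a positive control in the same test keeps it from passing vacuously, e.g. `xmlnode *node = xmlnode_from_str("<root/>", -1);` / `fail_unless(node != NULL, "xmlnode_from_str() rejected a benign document");` / `xmlnode_free(node);`. The commit message says the rejection is presumably due to the NULL entity resolver, and the comment at lines 7-9 would be more useful if it stated that assumption, because the "shorter document fails, so the longer one will too" reasoning only holds when the failure is caused by the entity declarations themselves rather than by some unrelated limit. The suite name `"Utility Functions"` at line 27 looks copied from another suite and should name this one, e.g. `suite_create("XML Node")`, so failures are reported under the right heading.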
