diff libpurple/tests/test_xmlnode.c @ 31680:c8f91310bfbf
Add a silly little check to make sure our xml parser isn't vulnerable to the
billion laughs attack. I think because we specify NULL as the entity
resolver, attempts to define entities in an xml doc just get ignored.
author | Mark Doliner <mark@kingant.net> |
date | Wed, 22 Jun 2011 17:43:51 +0000 |
parents | |
children | 114a98da1a5f 3828a61c44da |
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/libpurple/tests/test_xmlnode.c Wed Jun 22 17:43:51 2011 +0000
@@ -0,0 +1,34 @@
+#include <string.h>
+
+#include "tests.h"
+#include "../xmlnode.h"
+
+/*
+ * If we really wanted to test the billion laughs attack we would
+ * need to have more than just 4 ha's. But as long as this shorter
+ * document fails to parse, the longer one should also fail to parse.
+ */
+START_TEST(test_xmlnode_billion_laughs_attack)
+{
+ const char *malicious_xml_doc = "<!DOCTYPE root [ <!ENTITY ha \"Ha !\"><!ENTITY ha2 \"&ha; &ha;\"><!ENTITY ha3 \"&ha2; &ha2;\"> ]><root>&ha3;</root>";
+
+ /* Uncomment this line if you want to see the error message given by
+ the parser for the above XML document */
+ /* purple_debug_set_enabled(TRUE); */
+
+ fail_if(xmlnode_from_str(malicious_xml_doc, -1),
+ "xmlnode_from_str() returned an XML tree, but we didn't want it to");
+}
+END_TEST
+
+Suite *
+xmlnode_suite(void)
+{
+ Suite *s = suite_create("Utility Functions");
+
+ TCase *tc = tcase_create("xmlnode");
+ tcase_add_test(tc, test_xmlnode_billion_laughs_attack);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
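Review bot: The fail_if in test_xmlnode_billion_laughs_attack also passes if xmlnode_from_str() rejects every document, so on its own it cannot distinguish "entity expansion is blocked" from "the parser is broken"; the hunk needs a positive control next to it. Adding `xmlnode *ok = xmlnode_from_str("<root/>", -1);` followed by `fail_if(ok == NULL, "xmlnode_from_str() rejected a benign document");` and `xmlnode_free(ok);` ties the failure on the malicious document to its entity declarations rather than to the parser as a whole. The commit message only presumes the rejection comes from the NULL entity resolver; a comment above the fail_if such as `/* Expected to fail because entity declarations are not resolved (NULL entity resolver); confirm if the parser setup changes. */` would record the mechanism this test actually guards, so a later change to parser options is checked against it.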