Mercurial > pidgin
view libpurple/tests/test_xmlnode.c @ 32795:a359399cc0ce
merge of '22d544ffc6215f22b81d1dc34931bad4c82775c2'
and '886d323c01f7c8cdf2a5e4ff42eefbab045b1f1f'
author | Mark Doliner <mark@kingant.net> |
---|---|
date | Sun, 06 May 2012 17:52:46 +0000 |
parents | c8f91310bfbf |
children | 114a98da1a5f 3828a61c44da |
line wrap: on
line source
#include <string.h> #include "tests.h" #include "../xmlnode.h" /* * If we really wanted to test the billion laughs attack we would * need to have more than just 4 ha's. But as long as this shorter * document fails to parse, the longer one should also fail to parse. */ START_TEST(test_xmlnode_billion_laughs_attack) { const char *malicious_xml_doc = "<!DOCTYPE root [ <!ENTITY ha \"Ha !\"><!ENTITY ha2 \"&ha; &ha;\"><!ENTITY ha3 \"&ha2; &ha2;\"> ]><root>&ha3;</root>"; /* Uncomment this line if you want to see the error message given by the parser for the above XML document */ /* purple_debug_set_enabled(TRUE); */ fail_if(xmlnode_from_str(malicious_xml_doc, -1), "xmlnode_from_str() returned an XML tree, but we didn't want it to"); } END_TEST Suite * xmlnode_suite(void) { Suite *s = suite_create("Utility Functions"); TCase *tc = tcase_create("xmlnode"); tcase_add_test(tc, test_xmlnode_billion_laughs_attack); suite_add_tcase(s, tc); return s; }