I hope this should be the right mailing list for asking questions. I am
doing research on something related to memory explosion. I noticed that
when I use some samples like DOMPrint to analysis a XML(billion laughs
vulnerability), the system memory will be consumed.

I tried to use gdb to locate what in the world is the function for parse
the XML entity. I think there might be a recursive function call so that
the memory might be consumed. However, I didn't find the right function
which is doing the translation for the <! ENTITY> value. Can anyone help
me? Many Thanks


Reply via email to