URL:
<http://gna.org/bugs/?13044>
Summary: Malicious WML in UMC can crash Wesnoth on startup
Project: Battle for Wesnoth
Submitted by: dfranke
Submitted on: Sunday 02/22/2009 at 03:15
Category: Bug
Severity: 6 - Security
Priority: 5 - Normal
Item Group: WML
Status: None
Privacy: Private
Assigned to: None
Originator Email:
Open/Closed: Open
Discussion Lock: Any
Release: 1.5.10+svn
Operating System: Linux
_______________________________________________________
Details:
Deeply-nested WML tags in UMC can trigger a call stack overflow while Wesnoth
is building its cache during startup, crashing the game.
To test this, just run:
yes "[x]" | head -n 100000 >> _main.cfg
in any campaign directory.
I haven't tested that such code can be uploaded to and then downloaded from
the campaign server, but in a cursory glance over the campaign server code I
saw nothing that would prevent it.
_______________________________________________________
Reply to this item at:
<http://gna.org/bugs/?13044>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
_______________________________________________
Wesnoth-bugs mailing list
[email protected]
https://mail.gna.org/listinfo/wesnoth-bugs
