generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-26 18:42:41 +01:00
Code Issues Projects Releases Wiki Activity

fix(XML): fuzzing stack overflow (#4629). Limit maximum XML element depth.

Browse Source
This commit is contained in:
Günter Obiltschnig
2024-09-26 09:03:31 +02:00
parent 3a8c6a72b1
commit 3b4a8ea6e7
6 changed files with 76 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
XML/include/Poco/DOM/DOMParser.h
View File

@@ -99,12 +99,30 @@ public:
void setEntityResolver(EntityResolver* pEntityResolver);
/// Sets the entity resolver on the underlying SAXParser.
void setMaxElementDepth(std::size_t limit);
/// Limits the maximum element depth of the XML document to be loaded.
/// Setting the limit to zero disables the limit.
///
/// This can be used to prevent excessive element depth, which
/// could lead to a stack overflow when destroying the document.
///
/// The default limit is 256.
std::size_t getMaxElementDepth() const;
/// Returns the maximum element depth.
static const XMLString FEATURE_FILTER_WHITESPACE;
enum
{
DEFAULT_MAX_ELEMENT_DEPTH = 256
};
private:
SAXParser _saxParser;
NamePool* _pNamePool;
bool _filterWhitespace;
bool _filterWhitespace = false;
std::size_t _maxElementDepth = DEFAULT_MAX_ELEMENT_DEPTH;
};