From: Daniel Veillard (Daniel.Veillard@w3.org)
Date: Sat Jul 08 2000 - 06:11:06 EDT
On Fri, Jul 07, 2000 at 01:40:52PM -0700, Joe McAlerney wrote:
>
> Hello Daniel,
>
> I was wondering about the precautions taken to avoid such catastrophic
> things as buffer overflows and the like in libxml. Since libxml is
> widely portable, I'm assuming that efforts have been made to avoid using
> secure OS specific functions. I noticed in some places that you use
> snprintf if it is available, and sprintf if it is not. Obviously you
> have put thought into this issue as well, and have coded accordingly.

First, I'm not a security expert. I know how buffer overflows can be
used to execute arbitrary code, and I have tried to write libxml in
the most robust fashion. Basically, rather than targeting security,
I targeted "no input given to libxml should ever allow it to segfault".
This is a different bias, but I assume it should lead to a secure
library.

Now, as far as I know, I received a security-related message only once;
it was about places where I didn't use snprintf when available. I don't
think there was really a strong security audit of libxml itself, and I'm
afraid I don't really have the expertise. Feedback on this issue is
really welcome.

> We want to use libxml in a project, and just wanted to get a sense of
> how it may hold up against something like a rogue xml document being fed
> into the parser. Unfortunately, I don't have enough experience to do a
> full audit of the code. If you can provide any insight on this subject,
> it would be most appreciated.

Well, I think crashing libxml with random input should not be easy.
It's a good first point. But I can't provide guarantees except to
close any hole pointed out to me!
Daniel
--
Daniel.Veillard@w3.org | W3C, INRIA Rhone-Alpes  | Today's Bookmarks :
Tel : +33 476 615 257  | 655, avenue de l'Europe | Linux XML libxml WWW
Fax : +33 476 615 207  | 38330 Montbonnot FRANCE | Gnome rpm2html rpmfind
http://www.w3.org/People/all#veillard%40w3.org | RPM badminton Kaffe