big-list-of-naughty-strings icon indicating copy to clipboard operation
big-list-of-naughty-strings copied to clipboard

Published 20 hours ago verified publisher icon minimaxir

Billion laughs xml "bomb"

Open zach-taylor opened this issue 10 years ago • 4 comments
trafficstars

Example here: https://en.wikipedia.org/wiki/Billion_laughs

zach-taylor avatar Aug 19 '15 16:08 zach-taylor

That seems more like a specific script than a set of strings.

minimaxir avatar Aug 20 '15 17:08 minimaxir

It's basically the XML equivalent of a forkbomb and it's part of a set of XML vulnerabilities which are very common because so many XML parsers don't include protection by default. (eg. the Python standard library is vulnerable and the docs say to use the defusedxml package from PyPI if you're parsing untrusted XML.)

https://docs.python.org/2/library/xml.html#xml-vulnerabilities

ssokolow avatar Aug 20 '15 18:08 ssokolow

Indeed! Microsoft Word (at least on Mac) crashes upon pasting the above example as plaintext.

zach-taylor avatar Aug 20 '15 18:08 zach-taylor

A Word crash makes sense since the modern versions are XML-based.

Rethinking this.

minimaxir avatar Aug 20 '15 18:08 minimaxir