
Vulnerable copy of libexpat in folder /xs/src/expat?

Open hartwork opened this issue 4 years ago • 6 comments

Hi!

From a quick look, the copy of libexpat at https://github.com/slic3r/Slic3r/tree/master/xs/src/expat is old and vulnerable — every release before ~2.2.8~ 2.4.0 is. Are you aware?

Best, Sebastian

hartwork avatar Apr 26 '21 10:04 hartwork

Any thoughts?

hartwork avatar Jun 14 '21 10:06 hartwork

You can create an amf virus? I'll see if using a newer version works.

supermerill avatar Jun 14 '21 10:06 supermerill

> You can create an amf virus?

I'm not sure what you refer to here. What do you mean?

> I'll see if using a newer version works.

Cool!

hartwork avatar Jun 14 '21 10:06 hartwork

> I'm not sure what you refer to here. What do you mean?

You said that libexpat contains vulnerabilities (I don't know what kind). As it's used for amf & 3mf reading/writing, the way these vulnerabilities can affect slic3r is maybe by creating an amf or .3mf virus?

supermerill avatar Jun 14 '21 19:06 supermerill

@supermerill I see, thanks for elaborating. I wouldn't call it a virus myself, but it would be possible to craft a file that will have undesired effects when opened, e.g. causing use of so much RAM that you will need to reboot the machine and lose any unsaved work at that moment (referring to Billion Laughs Attacks). Given how old this copy is, there are more attack vectors possible. Please see the change log at https://github.com/libexpat/libexpat/blob/master/expat/Changes for more details.

hartwork avatar Jun 14 '21 19:06 hartwork
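
Added example (not part of the thread, and not Slic3r or Expat project code): a small Python audit that finds every vendored `expat.h` in a source tree and compares its `XML_MAJOR_VERSION` / `XML_MINOR_VERSION` / `XML_MICRO_VERSION` macros with the 2.4.0 threshold named in the first post. The sample tree, its version numbers, and the `third_party/` and `vendor/` paths are constructed for the demonstration and say nothing about the version Slic3r actually ships.

```python
import re
import tempfile
from pathlib import Path

# Threshold from the issue's first post: releases before 2.4.0 are called vulnerable.
MIN_SAFE = (2, 4, 0)
_DEFINE = re.compile(
    r"^\s*#\s*define\s+XML_(MAJOR|MINOR|MICRO)_VERSION\s+(\d+)", re.M)

def header_version(text):
    """Return (major, minor, micro) read from expat.h text, or None."""
    found = {name: int(num) for name, num in _DEFINE.findall(text)}
    if set(found) != {"MAJOR", "MINOR", "MICRO"}:
        return None
    return (found["MAJOR"], found["MINOR"], found["MICRO"])

def audit_tree(root, min_safe=MIN_SAFE):
    """List (relative path, version, status) for every expat.h under root."""
    results = []
    for header in sorted(Path(root).rglob("expat.h")):
        version = header_version(header.read_text(errors="replace"))
        if version is None:
            status = "unknown"  # version macros missing: review by hand
        elif version < min_safe:
            status = "outdated"
        else:
            status = "ok"
        results.append((header.relative_to(root).as_posix(), version, status))
    return results

def _fake_header(major, minor, micro):
    return (f"#define XML_MAJOR_VERSION {major}\n"
            f"#define XML_MINOR_VERSION {minor}\n"
            f"#define XML_MICRO_VERSION {micro}\n")

def demo():
    """Audit a constructed tree; versions here are made up, not Slic3r's."""
    samples = {
        "xs/src/expat/expat.h": _fake_header(2, 0, 1),           # constructed
        "third_party/expat/lib/expat.h": _fake_header(2, 4, 0),  # hypothetical path
        "vendor/stub/expat.h": "/* no version macros */\n",      # hypothetical path
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, text in samples.items():
            path = Path(tmp, rel)
            path.parent.mkdir(parents=True)
            path.write_text(text)
        return audit_tree(tmp)

if __name__ == "__main__":
    for rel, version, status in demo():
        print(f"{status:9} {version} {rel}")
```

Run against a real checkout with `audit_tree("path/to/repo")`; an `unknown` result means the header carries no version macros and the copy needs manual inspection.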

Any news?

hartwork avatar Sep 10 '21 19:09 hartwork