oss-sec mailing list archives

Re: CVE requested: two stack exhaustation parsing xml files using mxml

From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Sun, 8 May 2016 17:36:10 +0200

Sorry, the title of the mails was "CVE requested", but it should be
"CVE request". Please assign CVE if it is suitable.

Thanks!

2016-05-07 23:40 GMT+02:00 Gustavo Grieco <gustavo.grieco () gmail com>:

Hi,

We found two stack exhustation conditions that can easily crash mxml
when parsing an xml. Both issues are affecting versions 2.7 and 2.9
(and probably others):

* Recursion using mxmlDelete at mxml-node.c:217 (stack-exhaustion-1.xml)
* Recursion using mxml_write_node at mxml-file.c:2739 (stack-exhaustion-2.xml)

Found using QuickFuzz + Radamsa. Reproducers are attached.

Regards,
Gustavo.

Current thread:

CVE requested: two stack exhaustation parsing xml files using mxml Gustavo Grieco (May 07)
- Re: CVE requested: two stack exhaustation parsing xml files using mxml Gustavo Grieco (May 08)
- Re: CVE requested: two stack exhaustation parsing xml files using mxml cve-assign (May 09)
  - Re: CVE requested: two stack exhaustation parsing xml files using mxml Gustavo Grieco (May 11)