[Expat-bugs] [ expat-Bugs-3496608 ] CVE-2012-0876 - Hash DOS attack
SourceForge.net
noreply at sourceforge.net
Tue Mar 6 05:37:54 CET 2012
Bugs item #3496608, was opened at 2012-03-03 11:01
Message generated for change (Settings changed) made by kwaclaw
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=3496608&group_id=10127
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: Test Required
Status: Open
Resolution: Fixed
Priority: 7
>Private: Yes
Submitted By: Karl Waclawek (kwaclaw)
Assigned to: Karl Waclawek (kwaclaw)
Summary: CVE-2012-0876 - Hash DOS attack
Initial Comment:
The hash table implementation in Expat can be attacked by a carefully crafted input document where all identifiers hash to the same value.
This leads to a denial of service scenario by forcing hash table lookups to do linear searching.
CVE-2012-0876 (see http://http://www.cve.mitre.org) has been reserved for this issue.
Also discussed on bugs.python.org/issue13703#msg151870 .
----------------------------------------------------------------------
Comment By: Karl Waclawek (kwaclaw)
Date: 2012-03-03 11:20
Message:
Fixed in expat.h rev 1.81 and xmlparse.c rev 1.168.
Thanks to David Malcolm (RedHat) for providing me with the initial version
of the patch.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=110127&aid=3496608&group_id=10127
More information about the Expat-bugs
mailing list