Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-35459

Too low entityCharacterLimit=1024 for CVE-2013-4549 breaks KatePart's Lilypond syntax highlighting scheme

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: P2: Important
    • Resolution: Done
    • Affects Version/s: 4.8.6, 5.2.0
    • Fix Version/s: 5.14.0 Alpha
    • Component/s: XML: DOM
    • Labels:
      None
    • Environment:
      Fedora 18, i686
    • Commits:
      185ba7f4cfd577189f9d8b9d55d7f9ae467055d3 (qt/qtbase/dev)

      Description

      The fix for CVE-2013-4549 introduces a hard limit of 1024 characters (QXmlSimpleReaderPrivate::entityCharacterLimit) for the length of an entity, at least when processing nested entities.

      Unfortunately, this breaks some XML files in actual use. One such file is KatePart's lilypond.xml syntax highlighting definition. The version I tested:
      https://projects.kde.org/projects/kde/applications/kate/repository/entry/part/syntax/data/lilypond.xml?rev=KDE%2F4.10
      Trying to open any *.ly file in any KatePart-based editor (you can even use a dummy file with any contents to reproduce the error, only the syntax highlighting definition matters) yields the following error:
      The error The XML entity "commands-other" expands too a string that is too large to process (2594 characters > 1024).
      has been detected in the file /usr/share/kde4/apps/katepart/syntax/lilypond.xml at 15/56

      I suggest increasing the limit to at least 65536.

        Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

            Assignee:
            vhilshei Volker Hilsheimer
            Reporter:
            kevin kofler Kevin Kofler
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Gerrit Reviews

                There are no open Gerrit changes