Qt / QTBUG-36046

Serious Performance Issue in QDomDocument::setContent

Details

    • Bug
    • Resolution: Duplicate
    • Not Evaluated
    • None
    • 4.8.1
    • XML: DOM
    • None

    Description

      I encountered a serious performance problem in the fix:

      https://qt.gitorious.org/qt/qtbase/commit/779fa9c590a1bf399b34fbf293d8399e61a1e15c

      to the:
      XML Entity Expansion Denial of Service (CVE-2013-4549)

      The attached MathML example, which defines about 2000 perfectly valid
      entities, leads to a halt when used in:

      bool QDomDocument::setContent(
      const QString& text,
      bool namespaceProcessing,
      QString *errorMsg,
      int *errorLine,
      int *errorColumn)

      The cause is that:
      bool QXmlSimpleReaderPrivate::isExpandedEntityValueTooLarge(
      QString *errorMessage)

      is called on each entity definition, taking a lot of time once the list
      of entities increases due to the nested foreach loops.

      Attachments

        1. example.xml
          62 kB
          Stefan Hoops
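
The cost pattern described in the report, as an added example that is not Qt's code and not part of the original issue: a simplified model in which all entity sizes are recomputed with nested loops after every declaration, next to a variant that sizes only the newly declared entity. The names `makeDecls`, `expandOne`, `recheckAll` and `incremental` are hypothetical, the input is constructed, and entities are assumed to reference only earlier declarations.

```cpp
#include <cstdio>
#include <map>
#include <string>
#include <vector>

using Decls = std::vector<std::pair<std::string, std::string>>;  // (name, replacement text)
using Sizes = std::map<std::string, std::size_t>;                // name -> expanded size
struct Result { std::size_t maxExpanded = 0, scans = 0; };

// Constructed input: n entities, each "x" plus one reference to the previous entity.
Decls makeDecls(int n) {
    Decls d;
    for (int k = 0; k < n; ++k)
        d.push_back({"e" + std::to_string(k), k ? "x&e" + std::to_string(k - 1) + ";" : "x"});
    return d;
}

// Size decls[i] against the first `known` names; assumes references point only to earlier entities.
void expandOne(const Decls& decls, std::size_t i, std::size_t known, Sizes& sizes, Result& r) {
    const std::string& value = decls[i].second;
    std::size_t size = value.size();
    for (std::size_t j = 0; j < known; ++j, ++r.scans) {  // one name search per scan
        const std::string ref = "&" + decls[j].first + ";";
        for (auto p = value.find(ref); p != std::string::npos; p = value.find(ref, p + ref.size()))
            size = size - ref.size() + sizes[decls[j].first];  // swap reference for its expansion
    }
    sizes[decls[i].first] = size;
    if (size > r.maxExpanded) r.maxExpanded = size;
}

// Model A (hypothetical, not Qt's code): after every declaration, recompute all entities seen so far.
Result recheckAll(const Decls& decls) {
    Result r;
    for (std::size_t declared = 1; declared <= decls.size(); ++declared) {
        Sizes sizes;  // nothing is kept between declarations
        for (std::size_t i = 0; i < declared; ++i) expandOne(decls, i, declared, sizes, r);
    }
    return r;
}

// Model B: keep earlier results and size only the newly declared entity.
Result incremental(const Decls& decls) {
    Result r; Sizes sizes;
    for (std::size_t i = 0; i < decls.size(); ++i) expandOne(decls, i, i, sizes, r);
    return r;
}

int main() {
    std::printf("scans: %zu vs %zu\n", recheckAll(makeDecls(300)).scans, incremental(makeDecls(300)).scans);
}
```

Both models report the same largest expanded size; for 2000 entities the recheck-all model performs 2,668,667,000 name searches against 1,999,000 for the incremental one.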
          People

            Assignee: Unassigned
            Reporter: Stefan Hoops (shoops)
            Votes: 1
            Watchers: 3
