Comment by Mikhail_Edoshin

Comment by Mikhail_Edoshin 11 hours ago

0 replies

View on Hacker News

XML "logic bombs" happens when the parser expand entities eagerly. If a parser does that one can easily assemble an enormous entity that will eat up all the memory. But a more sophisticated parser won't expand entities right away and thus can merely reject oversized ones. It is really a minor issue.