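/// <summary>
/// Checks that a nested-entity ("billion laughs") document is rejected even when
/// DOCTYPE processing has been switched on via <c>DisallowDoctype = false</c>.
/// </summary>
/// <remarks>
/// With the DOCTYPE allowed, the only remaining protection exercised here is the
/// entity expansion cap named in the expected error text (MaxCharactersFromEntities).
/// </remarks>
public void BillionLaughs_DoctypeEnabled()
{
    // Each level references the previous entity ten times, so &lol9; stands for
    // 10^8 copies of "lol". The literal is split for readability only; the
    // concatenated value is identical to the single-line form.
    var testdata =
        @"<?xml version=""1.0""?> " +
        @"<!DOCTYPE lolz [ " +
        @"<!ENTITY lol ""lol""> " +
        @"<!ENTITY lol2 ""&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;""> " +
        @"<!ENTITY lol3 ""&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;""> " +
        @"<!ENTITY lol4 ""&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;""> " +
        @"<!ENTITY lol5 ""&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;""> " +
        @"<!ENTITY lol6 ""&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;""> " +
        @"<!ENTITY lol7 ""&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;""> " +
        @"<!ENTITY lol8 ""&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;""> " +
        @"<!ENTITY lol9 ""&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;""> " +
        @"]> " +
        @"<lolz>&lol9;</lolz>";

    var options = new Options.ParseOptions();

    // enable doctype
    options.DisallowDoctype = false;

    XmpException e = null;

    try
    {
        XmpMetaFactory.ParseFromString(testdata, options);
    }
    catch (XmpException ex)
    {
        e = ex;
    }

    // Parsing must fail: a successful parse would mean the expansion was not capped.
    Assert.NotNull(e);

    // Guard the dereference below so a missing inner exception is reported as an
    // assertion failure instead of a NullReferenceException.
    Assert.NotNull(e.InnerException);

    // Ordinal comparison: this is a fixed diagnostic prefix, not linguistic text.
    Assert.True(e.InnerException.Message.StartsWith(
        "The input document has exceeded a limit set by MaxCharactersFromEntities",
        System.StringComparison.Ordinal));
}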
/// <summary>
/// Parses a document whose DTD declares an external SYSTEM entity, with DOCTYPE
/// processing enabled, and expects the parse to complete without any exception.
/// </summary>
public void XXE_DoctypeEnabled()
{
    // The entity "win" points at a local file path but the <doc> element never
    // references it, so nothing in this input asks for the entity to be expanded.
    // NOTE(review): the single assertion below only shows that parsing does not
    // throw; it does not show that the external file is left unread. Confirm
    // whether a check on the parsed result is wanted for that.
    var testdata = @"<!DOCTYPE doc [<!ENTITY win SYSTEM ""c:\windows\win.ini"">]><doc></doc>";

    // enable doctype
    var options = new Options.ParseOptions { DisallowDoctype = false };

    Exception caught = null;

    try
    {
        XmpMetaFactory.ParseFromString(testdata, options);
    }
    catch (Exception failure)
    {
        caught = failure;
    }

    Assert.Null(caught);
}