On 06/06/2015 10:38 PM, Eric S. Eberhard wrote: > So for example on the memory allocation -- read the XML yourself. If > you don't like the size, make an error. If you due, use the parse mem > functions.
For XML, this is insufficient because small documents can have a very large parsed representation (depending on how expressive the parsed representation is). If there are no supported ways of preventing that problem, then libxml2 isn't the appropriate library to use in contexts where robustness is particularly desirable. -- Florian Weimer / Red Hat Product Security _______________________________________________ xml mailing list, project page http://xmlsoft.org/ xml@gnome.org https://mail.gnome.org/mailman/listinfo/xml
