Help with fdo#60471
Michael Stahl
mstahl at redhat.com
Wed Feb 13 02:37:37 PST 2013
On 13/02/13 10:53, Jan Holesovsky wrote:
>
> Yes - unhelpful ;-) I've had a better look, and it is down to throwing
> "SaxExpatParser: internal entity declaration, stopping", added by
> Michael S.:
>
> http://lists.freedesktop.org/archives/libreoffice-commits/2012-May/031218.html
>
> Michael, can you please have a look? The SVG.odp from fdo#60471 throws
> that when parsing Pictures/100020E100000000000000009BE89C15.svg that
> contains
>
> <!ENTITY ns_flows "http://ns.adobe.com/Flows/1.0/">
both parsers in the sax module abort on the first XML entity
encountered, to make the import filters robust against "billion laughs"
kind of Denial of Service attacks.
http://en.wikipedia.org/wiki/Billion_laughs
how common is it anyway to have these internal entities in SVG files?
More information about the LibreOffice
mailing list