RFC: limit libgumbo memory allocations for untrusted HTML5 content #2949
Labels
topic/gumbo
Gumbo HTML5 parser
topic/memory
Segfaults, memory leaks, valgrind testing, etc.
topic/rfc
Milestone
Comments
flavorjones
added
topic/memory
|
It's nice to have "sanity check" type of limits, but silently truncating stuff is not good. Very hard to debug. Please make it raise an error. Ideally have multiple safeties, so we raise on any of
(example arbitrary numbers) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
libxml2 has long had default limits on document size in order to prevent untrusted documents from creating an OOM condition and potentially using that as a denial-of-service attack vector. These limits can be removed for trusted documents by setting the
HUGEparse option.libgumbo does not have limits like this, and this issue is being created to discuss the need and possible implementations.
Background
This topic was first raised in #2941 where @stevecheckoway and I discussed the shape of the issue.
The text was updated successfully, but these errors were encountered: