解析 XML 時,無法進行校驗會給攻擊者提供惡意輸入的機會。
最成功的攻擊往往會從違反程序員的假設開始。不經過 DTD 或 XML schema 的校驗,就直接接受 XML 文檔,這樣一來,程序員就會為攻擊者打開了一扇大門,可以向程序提供無法預測、不合理或是惡意的輸入。當然,XML 解析器不可能校驗文檔中出現的所有內容;任何解析器都無法完全理解數據的全部語意。然而,解析器可以進行完整而徹底的檢查文檔結構,從而保證處理文檔的代碼在內容安排上的合理性。
[1] Standards Mapping - OWASP Top 10 2010 - (OWASP 2010) A1 Injection
[2] Standards Mapping - OWASP Top 10 2004 - (OWASP 2004) A1 Unvalidated Input
[3] Standards Mapping - OWASP Top 10 2007 - (OWASP 2007) A2 Injection Flaws
[4] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP3510 CAT I
[5] Standards Mapping - Security Technical Implementation Guide Version 3.4 - (STIG 3.4) APP3510 CAT I
[6] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 112
[7] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 - (PCI 1.2) Requirement 6.3.1.1, Requirement 6.5.2
[8] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 - (PCI 2.0) Requirement 6.5.1
[9] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 - (PCI 1.1) Requirement 6.5.1, Requirement 6.5.6
[10] Standards Mapping - FIPS200 - (FISMA) SI
[11] XmlReader Class Microsoft
[12] XmlValidatingReader Class Microsoft