Comment by arp242
2 months ago
By that standard almost any bug could be considered a "security bug", including things like "returns error even though my XML is valid" or "it parses this data wrong".
2 months ago
By that standard almost any bug could be considered a "security bug", including things like "returns error even though my XML is valid" or "it parses this data wrong".
Well, yes... Differentials in parsing of the same data can definitely lead to security vulnerabilities.
Just some random examples:
- https://www.ias.cs.tu-bs.de/publications/parsing_differentia... - https://www.ndss-symposium.org/ndss-paper/diffcsp-finding-br... - https://www.brainonfire.net/blog/2022/04/11/what-is-parser-m...