ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Wilson <>
Subject Re: It's too easy to hack an XMLRPC WebServer!
Date Wed, 14 Apr 2004 15:23:44 GMT

On 14 Apr 2004, at 14:58, Filippo Capocasale wrote:

> This client just calls our testService 100 times, passing a string 
> terminated with a non-printable character.
> On the server side, each call is handled by a thread. The 
> non-printable character will generate a fatal error in the parsing of 
> the xmlrpc message and the server will not close the thread.

Are you saying that XP (the XML parser you seem to be using) throws an 
exception parsing the message? Have you tried using another parser?

John Wilson
The Wilson Partnership

View raw message