Project

General

Profile

Actions
Copy link

Bug #1226

closed

Unbound recursion in DSRDocumentTreeNode::readXML()

Added by Marco Eichelberg 2 days ago. Updated about 2 hours ago.

Status:
Closed
Priority:
Low
Assignee:
Marco Eichelberg
Category:
Library and Apps
Target version:
-
Start date:
2026-06-17
Due date:
% Done:

100%

Estimated time:
1:00 h
Module:
dcmsr
Operating System:
Compiler:

Description

Currently, the XML to DICOM SR parser relies on a depth gate in libxml2 to prevent unbound recursion when reading a malformed XML file.
However, since the code was designed to permit easy replacement of the underlying XML parser, an explicit recursion limit should be added to DSRDocumentTreeNode::readXML().

Reported 2026-05-19 by Arjun Basnet, Senior Security Researcher, Securin.

This issue has been registered as CVE-2026-44032.

Actions
Copy link
 #1

Updated by Marco Eichelberg 2 days ago

  • Assignee set to Marco Eichelberg
  • % Done changed from 0 to 100
  • Estimated time set to 1:00 h
  • Private changed from No to Yes

Closed by commit #9057782f9.

Actions
Copy link
 #2

Updated by Marco Eichelberg about 4 hours ago

  • Private changed from Yes to No
Actions
Copy link
 #3

Updated by Marco Eichelberg about 2 hours ago

  • Status changed from New to Closed
Actions
Copy link

Also available in: Atom PDF