Bug #1226

closed

Unbound recursion in DSRDocumentTreeNode::readXML()

Added by Marco Eichelberg 2 days ago. Updated about 2 hours ago.

Status: Closed
Priority: Low
Category: Library and Apps
Target version: -
Start date: 2026-06-17
Due date:
% Done: 100%
Estimated time: 1:00 h
Module: dcmsr
Operating System:
Compiler:

Description

Currently, the XML to DICOM SR parser relies on a depth gate in libxml2 to prevent unbound recursion when reading a malformed XML file.
However, since the code was designed to permit easy replacement of the underlying XML parser, an explicit recursion limit should be added to DSRDocumentTreeNode::readXML().

Reported 2026-05-19 by Arjun Basnet, Senior Security Researcher, Securin.

This issue has been registered as CVE-2026-44032.
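
An added sketch of the kind of explicit recursion limit the description calls for, enforced in the recursive reader itself rather than by the XML parser; it is not DCMTK code. `XmlElement`, `readNode`, `makeChain` and the limit of 64 are hypothetical names and values chosen for illustration.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for a parsed XML element: children are indices into
// a flat vector, so building or freeing a deep tree never recurses.
struct XmlElement {
    std::vector<std::size_t> children;
};

enum class ReadStatus { Ok, TooDeep };

// Assumed limit for this sketch; not a value taken from the bug report.
const std::size_t kMaxNestingDepth = 64;

// Recursive reader with its own depth check. It does not depend on any
// limit enforced by the XML parser that produced the elements.
ReadStatus readNode(const std::vector<XmlElement> &doc, std::size_t index,
                    std::size_t depth, std::size_t &nodesRead)
{
    if (depth > kMaxNestingDepth)
        return ReadStatus::TooDeep;   // stop before descending further
    ++nodesRead;
    for (std::size_t child : doc[index].children) {
        ReadStatus status = readNode(doc, child, depth + 1, nodesRead);
        if (status != ReadStatus::Ok)
            return status;            // propagate the error to the caller
    }
    return ReadStatus::Ok;
}

// Constructed input: a single chain of 'levels' nested elements.
std::vector<XmlElement> makeChain(std::size_t levels)
{
    std::vector<XmlElement> doc(levels);
    for (std::size_t i = 0; i + 1 < levels; ++i)
        doc[i].children.push_back(i + 1);
    return doc;
}

int main()
{
    std::size_t n = 0;
    bool shallowOk = readNode(makeChain(10), 0, 1, n) == ReadStatus::Ok;
    n = 0;
    bool deepRejected = readNode(makeChain(100000), 0, 1, n) == ReadStatus::TooDeep;
    std::printf("shallow ok: %d, deep rejected: %d after %zu nodes\n",
                shallowOk, deepRejected, n);
}
```

The root is read at depth 1, so a chain of exactly 64 elements is accepted and the 65th level is refused with an error status instead of a deeper call.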
