python · picnixz · Sep 26, 2025 · Sep 22, 2025 · Sep 22, 2025 · Sep 22, 2025
diff --git a/Doc/library/pyexpat.rst b/Doc/library/pyexpat.rst
@@ -231,7 +231,54 @@
    .. versionadded:: 3.13
 
 
+:class:`xmlparser` objects have the following methods to mitigate some
+well-known XML vulnerabilities.
+
+.. method:: xmlparser.SetAllocTrackerMaximumAmplification(max_factor, /)
+
+   Sets the maximum amplification factor between direct input and bytes
+   of dynamic memory allocated.
+
+   By default, parsers objects have a maximum amplification factor of 100.
+
+   The amplification factor is calculated as ``allocated / direct``
+   while parsing, where ``direct`` is the number of bytes read from
+   the primary document in parsing and ``allocated`` is the number
+   of bytes of dynamic memory allocated in the parser hierarchy.
+
+   The *max_factor* value must be a non-NaN :class:`float` value greater than
+   or equal to 1.0. Amplifications factors greater than 100 can been observed
+   near the start of parsing even with benign files in practice. As such, the
+   upper bound must be carefully chosen so to avoid false positives.
+
+   An :exc:`ExpatError` is raised if this method is called by a non-root
+   parser or if *max_factor* is outside the valid range. The corresponding
+   :attr:`~.ExpatError.lineno` and :attr:`~.ExpatError.column` should not be
+   used as they will have no special meaning.
+
+   .. note::
+
+      The maximum amplification factor is only considered if the threshold
+      specified by :meth:`.SetAllocTrackerActivationThreshold` is reached.
+
+   .. versionadded:: next
+
+.. method:: xmlparser.SetAllocTrackerActivationThreshold(threshold, /)
+
+   Sets the number of allocated bytes of dynamic memory needed to activate
+   protection against disproportionate use of RAM.
+
+   By default, parsers objects have an allocation activation threshold of 64 MiB,
+   or equivalently 67,108,864 bytes.
+
+   An :exc:`ExpatError` is raised if this method is called by a non-root parser.
+   The corresponding :attr:`~.ExpatError.lineno` and :attr:`~.ExpatError.column`
+   should not be used as they will have no special meaning.
+
+   .. versionadded:: next
+
+
 :class:`xmlparser` objects have the following attributes:
 
 
 .. attribute:: xmlparser.buffer_size

@@ -540,6 +540,16 @@ unittest
   (Contributed by Garry Cairns in :gh:`134567`.)
 
 
+xml.parsers.expat
+-----------------
+
+* Add :func:`~xml.parsers.expat.xmlparser.SetAllocTrackerMaximumAmplification`
+  and :func:`~xml.parsers.expat.xmlparser.SetAllocTrackerActivationThreshold`
+  to :ref:`xmlparser <xmlparser-objects>` objects to prevent use of
+  disproportional amounts of dynamic memory from within an Expat parser.
+  (Contributed by Bénédikt Tran in :gh:`90949`.)
+
+
 zlib
 ----
 

diff --git a/Lib/test/test_pyexpat.py b/Lib/test/test_pyexpat.py
@@ -2,13 +2,15 @@
 # handler, are obscure and unhelpful.
 
 import os
+import re
 import sys
 import sysconfig
 import unittest
+import textwrap
 import traceback
 from io import BytesIO
 from test import support
-from test.support import os_helper
+from test.support import import_helper, os_helper
 from test.support import sortdict
 from unittest import mock
 from xml.parsers import expat
@@ -821,5 +823,95 @@ def start_element(name, _):
         self.assertEqual(started, ['doc'])
 
 
+class AttackProtectionTest(unittest.TestCase):
+
+    def billion_laughs(self, ncols, nrows, text='.', indent='  '):
+        """Create a billion laugh payload.
+
+        Be careful: the number of total items is pow(n, k), thereby
+        requiring at least pow(ncols, nrows) * sizeof(text) memory!
+        """
+        body = textwrap.indent('\n'.join(
+            f'<!ENTITY row{i + 1} "{f"&row{i};" * ncols}">'
+            for i in range(nrows)
+        ), indent)
+        return f"""\
+<?xml version="1.0"?>
+<!DOCTYPE doc [
+{indent}<!ENTITY row0 "{text}">
+{indent}<!ELEMENT doc (#PCDATA)>
+{body}
+]>
+<doc>&row{nrows};</doc>
+"""
+
+    def test_set_alloc_tracker_maximum_amplification(self):
+        # On WASI, the maximum amplification factor of the payload may differ,
+        # so we craft a payload that is likely to yield an allocation factor
+        # way larger than 1.0 and way smaller than 10^5.
+        payload = self.billion_laughs(1, 2)
+
+        p = expat.ParserCreate()
+        # Unconditionally enable maximum amplification factor.
+        p.SetAllocTrackerActivationThreshold(0)
+        # Use a max amplification factor likely to be below the real one.
+        self.assertIsNone(p.SetAllocTrackerMaximumAmplification(1.0))
+        msg = r"out of memory: line \d+, column \d+"
+        self.assertRaisesRegex(expat.ExpatError, msg, p.Parse, payload)
+
+        # # Re-create a parser as the current parser is now in an error state.
+        p = expat.ParserCreate()
+        # Unconditionally enable maximum amplification factor.
+        p.SetAllocTrackerActivationThreshold(0)
+        self.assertIsNone(p.SetAllocTrackerMaximumAmplification(10_000))
+        self.assertIsNotNone(p.Parse(payload))
+
+    def test_set_alloc_tracker_maximum_amplification_invalid_args(self):
+        parser = expat.ParserCreate()
+        f = parser.SetAllocTrackerMaximumAmplification
+
+        msg = re.escape("'max_factor' must be at least 1.0")
+        self.assertRaisesRegex(expat.ExpatError, msg, f, float('nan'))
+        self.assertRaisesRegex(expat.ExpatError, msg, f, 0.99)
+
+        subparser = parser.ExternalEntityParserCreate(None)
+        fsub = subparser.SetAllocTrackerMaximumAmplification
+        msg = re.escape("parser must be a root parser")
+        self.assertRaisesRegex(expat.ExpatError, msg, fsub, 1.0)
+
+    def test_set_alloc_tracker_activation_threshold(self):
+        # Run the test with EXPAT_MALLOC_DEBUG=2 to detect those constants.
+        MAX_ALLOC = 17333
+        MIN_ALLOC = 1096
+
+        payload = self.billion_laughs(10, 4)
+
+        p = expat.ParserCreate()
+        p.SetAllocTrackerActivationThreshold(MAX_ALLOC + 1)
+        self.assertIsNone(p.SetAllocTrackerMaximumAmplification(1.0))
+        # Check that we never reach the activation threshold.
+        self.assertIsNotNone(p.Parse(payload))
+
+        p = expat.ParserCreate()
+        p.SetAllocTrackerActivationThreshold(MIN_ALLOC - 1)
+        # Check that we always reach the activation threshold.
+        self.assertIsNone(p.SetAllocTrackerMaximumAmplification(1.0))
+        msg = r"out of memory: line \d+, column \d+"
+        self.assertRaisesRegex(expat.ExpatError, msg, p.Parse, payload)
+
+    def test_set_alloc_tracker_activation_threshold_overflown_args(self):
+        _testcapi = import_helper.import_module("_testcapi")
+        parser = expat.ParserCreate()
+        f = parser.SetAllocTrackerActivationThreshold
+        self.assertRaises(OverflowError, f, _testcapi.ULLONG_MAX + 1)
+
+    def test_set_alloc_tracker_activation_threshold_invalid_args(self):
+        parser = expat.ParserCreate()
+        subparser = parser.ExternalEntityParserCreate(None)
+        f = subparser.SetAllocTrackerActivationThreshold
+        msg = re.escape("parser must be a root parser")
+        self.assertRaisesRegex(expat.ExpatError, msg, f, 12345)
+
+
 if __name__ == "__main__":
     unittest.main()
diff --git a/Misc/NEWS.d/next/Library/2025-09-22-14-40-11.gh-issue-90949.UM35nb.rst b/Misc/NEWS.d/next/Library/2025-09-22-14-40-11.gh-issue-90949.UM35nb.rst
@@ -0,0 +1,5 @@
+Add :func:`~xml.parsers.expat.xmlparser.SetAllocTrackerMaximumAmplification`
+and :func:`~xml.parsers.expat.xmlparser.SetAllocTrackerActivationThreshold`
+to :ref:`xmlparser <xmlparser-objects>` objects to prevent use of
+disproportional amounts of dynamic memory from within an Expat parser. Patch
+by Bénédikt Tran.
diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json
diff --git a/Modules/clinic/pyexpat.c.h b/Modules/clinic/pyexpat.c.h
diff --git a/Modules/expat/expat_external.h b/Modules/expat/expat_external.h
@@ -39,6 +39,8 @@
 
 #ifndef Expat_External_INCLUDED
 #  define Expat_External_INCLUDED 1
+/* Required so that functions in expat.h are declared */
+#include "expat_config.h"
 /* Namespace external symbols to allow multiple libexpat version to
    co-exist. */
 #include "pyexpatns.h"

diff --git a/Modules/expat/pyexpatns.h b/Modules/expat/pyexpatns.h
@@ -82,6 +82,8 @@
 #define XmlPrologStateInit              PyExpat_XmlPrologStateInit
 #define XmlPrologStateInitExternalEntity    PyExpat_XmlPrologStateInitExternalEntity
 #define XML_ResumeParser                PyExpat_XML_ResumeParser
+#define XML_SetAllocTrackerActivationThreshold PyExpat_XML_SetAllocTrackerActivationThreshold
+#define XML_SetAllocTrackerMaximumAmplification PyExpat_XML_SetAllocTrackerMaximumAmplification
 #define XML_SetAttlistDeclHandler       PyExpat_XML_SetAttlistDeclHandler
 #define XML_SetBase                     PyExpat_XML_SetBase
 #define XML_SetBillionLaughsAttackProtectionActivationThreshold PyExpat_XML_SetBillionLaughsAttackProtectionActivationThreshold