How does the billion laughs XML DoS attack work?

忘掉有多难 2020-12-02 09:03

 
 
 

        
3 Answers
  •  春和景丽
    2020-12-02 09:34

    defines an entity, &ha; that expands to "Ha !". The next line defines another entity, &ha2; that expands to "&ha; &ha;" and eventually, "Ha ! Ha !".

    &ha3; turns into Ha ! Ha ! Ha ! Ha !, and so on, doubling the number each time. If you follow the pattern, &haN; is "Ha !", 2^(N-1) times, so &ha128; expands to 2^127 "Ha !"s, which is too big for any computer to handle.
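The doubling described in the answer above can be measured before a parser ever expands anything. The following is an added example, not part of the original answer: it computes each entity's fully expanded length arithmetically and rejects a DTD that exceeds a budget. The function names, the regex-based declaration scan and the `max_chars` default are assumptions made for illustration.

```python
import re

# Internal general entity declarations: <!ENTITY name "value">.
# Parameter entities (<!ENTITY % ...>) and external entities are out of scope here.
ENTITY_DECL = re.compile(r'<!ENTITY\s+([\w.-]+)\s+(["\'])(.*?)\2\s*>', re.S)
ENTITY_REF = re.compile(r'&([\w.-]+);')
PREDEFINED = {"lt", "gt", "amp", "apos", "quot"}  # each expands to one character

def expanded_lengths(dtd_text):
    """Map each declared entity to its fully expanded length, without expanding it."""
    decls = {}
    for name, _quote, value in ENTITY_DECL.findall(dtd_text):
        decls.setdefault(name, value)  # in XML the first declaration of a name wins
    sizes, visiting = {}, set()

    def size(name):
        if name in PREDEFINED:
            return 1
        if name in sizes:
            return sizes[name]
        if name not in decls or name in visiting:
            raise ValueError(f"undeclared or recursive entity &{name};")
        visiting.add(name)
        value = decls[name]
        # Literal characters plus the (memoized) size of every reference.
        total = len(ENTITY_REF.sub("", value)) + sum(size(r) for r in ENTITY_REF.findall(value))
        visiting.discard(name)
        sizes[name] = total
        return total

    for name in decls:
        size(name)
    return sizes

def within_budget(dtd_text, max_chars=1_000_000):
    """False if any entity would expand past max_chars (an assumed policy value)."""
    try:
        return all(n <= max_chars for n in expanded_lengths(dtd_text).values())
    except ValueError:
        return False

# Constructed sample using the entity names from the answer above.
SAMPLE = """<!DOCTYPE root [
  <!ENTITY ha "Ha !">
  <!ENTITY ha2 "&ha; &ha;">
  <!ENTITY ha3 "&ha2; &ha2;">
]>"""

if __name__ == "__main__":
    print(expanded_lengths(SAMPLE))
```

The lengths include the separating spaces, so &haN; measures 5·2^(N-1) − 1 characters; memoization keeps the check linear in the number of declarations even though the expansion itself is exponential.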
