mirror of
				https://gitlab.gnome.org/GNOME/libxml2.git
				synced 2025-10-26 00:37:43 +03:00 
			
		
		
		
	Stop using maxParserDepth in xpath.c
Only use a single maxDepth value.
This commit is contained in:
		| @@ -34,8 +34,7 @@ LLVMFuzzerTestOneInput(const char *data, size_t size) { | ||||
|         xmlXPathContextPtr xpctxt = xmlXPathNewContext(doc); | ||||
|  | ||||
|         /* Resource limits to avoid timeouts and call stack overflows */ | ||||
|         xpctxt->maxParserDepth = 15; | ||||
|         xpctxt->maxDepth = 100; | ||||
|         xpctxt->maxDepth = 500; | ||||
|         xpctxt->opLimit = 500000; | ||||
|  | ||||
|         xmlXPathFreeObject(xmlXPtrEval(BAD_CAST expr, xpctxt)); | ||||
|   | ||||
							
								
								
									
										9
									
								
								xpath.c
									
									
									
									
									
								
							
							
						
						
									
										9
									
								
								xpath.c
									
									
									
									
									
								
							| @@ -6119,7 +6119,6 @@ xmlXPathNewContext(xmlDocPtr doc) { | ||||
|     ret->proximityPosition = -1; | ||||
|  | ||||
|     ret->maxDepth = INT_MAX; | ||||
|     ret->maxParserDepth = INT_MAX; | ||||
|  | ||||
| #ifdef XP_DEFAULT_CACHE_ON | ||||
|     if (xmlXPathContextSetCache(ret, 1, -1, 0) == -1) { | ||||
| @@ -10948,9 +10947,13 @@ xmlXPathCompileExpr(xmlXPathParserContextPtr ctxt, int sort) { | ||||
|     xmlXPathContextPtr xpctxt = ctxt->context; | ||||
|  | ||||
|     if (xpctxt != NULL) { | ||||
|         if (xpctxt->depth >= xpctxt->maxParserDepth) | ||||
|         if (xpctxt->depth >= xpctxt->maxDepth) | ||||
|             XP_ERROR(XPATH_RECURSION_LIMIT_EXCEEDED); | ||||
|         xpctxt->depth += 1; | ||||
|         /* | ||||
|          * Parsing a single '(' pushes about 10 functions on the call stack | ||||
|          * before recursing! | ||||
|          */ | ||||
|         xpctxt->depth += 10; | ||||
|     } | ||||
|  | ||||
|     xmlXPathCompAndExpr(ctxt); | ||||
|   | ||||
		Reference in New Issue
	
	Block a user