From bc18f4a67cf4a62df3724b62c23f63c08407a255 Mon Sep 17 00:00:00 2001
From: Nick Wellnhofer
Date: Fri, 23 Dec 2022 21:55:38 +0100
Subject: [PATCH] parser: Lower entity nesting limit with XML_PARSE_HUGE

The old limit of 1024 could lead to excessively deep call stacks. This could probably be set much lower without causing issues.
---
 parser.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/parser.c b/parser.c
index 2916d320..b9941708 100644
--- a/parser.c
+++ b/parser.c
@@ -2270,7 +2270,7 @@ xmlPushInput(xmlParserCtxtPtr ctxt, xmlParserInputPtr input) {
 "Pushing input %d : %.30s\n", ctxt->inputNr+1, input->cur); } if (((ctxt->inputNr > 40) && ((ctxt->options & XML_PARSE_HUGE) == 0)) ||
- (ctxt->inputNr > 1024)) {
+ (ctxt->inputNr > 100)) {
 xmlFatalErr(ctxt, XML_ERR_ENTITY_LOOP, NULL); while (ctxt->inputNr > 1) xmlFreeInputStream(inputPop(ctxt));
@@ -2625,7 +2625,7 @@ xmlStringDecodeEntitiesInt(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
 if (((ctxt->depth > 40) && ((ctxt->options & XML_PARSE_HUGE) == 0)) ||
- (ctxt->depth > 1024)) {
+ (ctxt->depth > 100)) {
 xmlFatalErrMsg(ctxt, XML_ERR_ENTITY_LOOP, "Maximum entity nesting depth exceeded"); return(NULL);
@@ -12818,7 +12818,7 @@ xmlParseExternalEntityPrivate(xmlDocPtr doc, xmlParserCtxtPtr oldctxt,
 if (((depth > 40) && ((oldctxt == NULL) || (oldctxt->options & XML_PARSE_HUGE) == 0)) ||
- (depth > 1024)) {
+ (depth > 100)) {
 xmlFatalErrMsg(oldctxt, XML_ERR_ENTITY_LOOP, "Maximum entity nesting depth exceeded"); return(XML_ERR_ENTITY_LOOP);
@@ -13108,7 +13108,7 @@ xmlParseBalancedChunkMemoryInternal(xmlParserCtxtPtr oldctxt,
 #endif if (((oldctxt->depth > 40) && ((oldctxt->options & XML_PARSE_HUGE) == 0)) ||
- (oldctxt->depth > 1024)) {
+ (oldctxt->depth > 100)) {
 xmlFatalErrMsg(oldctxt, XML_ERR_ENTITY_LOOP, "Maximum entity nesting depth exceeded"); return(XML_ERR_ENTITY_LOOP);
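Review bot: The new hard cap is written as the bare literal `100` in four separate checks (xmlPushInput, xmlStringDecodeEntitiesInt, xmlParseExternalEntityPrivate and xmlParseBalancedChunkMemoryInternal), next to an equally bare `40`, so this stack-depth guard can drift out of sync the next time it is tuned, and the commit message already anticipates lowering it further. A single named constant near the top of parser.c, for example a new `#define XML_MAX_HUGE_NESTING 100 /* hard cap that applies even with XML_PARSE_HUGE; bounds recursion depth */` (the name is only a suggestion), used as `(ctxt->inputNr > XML_MAX_HUGE_NESTING)) {` in each check, would keep the four sites consistent and record why the cap exists. xmlPushInput bounds `ctxt->inputNr` while the other three bound a depth counter, which deserves a one-line comment because the two counters are not obviously the same measure. All four enclosing functions start and end outside their hunks.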