Detect deep recusion on function calls

* libxslt/xsltInternals.h libexslt/functions.c: add a function call
  counting in the transformation context, and test/increment/decrement
  in exsltFuncFunctionFunction enter and exit

libexslt/functions.c

@@ -57,6 +57,8 @@ static void exsltFuncFunctionFunction (xmlXPathParserContextPtr ctxt,
 				       int nargs);
 static exsltFuncFunctionData *exsltFuncNewFunctionData(void);
 
+#define MAX_FUNC_RECURSION 1000
+
 /*static const xmlChar *exsltResultDataID = (const xmlChar *) "EXSLT Result";*/
 
 /**
@@ -321,6 +323,15 @@ exsltFuncFunctionFunction (xmlXPathParserContextPtr ctxt, int nargs) {
 			 "param == NULL\n");
 	return;
     }
+    if (tctxt->funcLevel > MAX_FUNC_RECURSION) {
+	xsltGenericError(xsltGenericErrorContext,
+			 "{%s}%s: detected a recursion\n",
+			 ctxt->context->functionURI, ctxt->context->function);
+	ctxt->error = XPATH_MEMORY_ERROR;
+	return;
+    }
+    tctxt->funcLevel++;
+
     /*
      * We have a problem with the evaluation of function parameters.
      * The original library code did not evaluate XPath expressions until
@@ -437,6 +448,7 @@ error:
     * the calling process exits.
     */
     xsltExtensionInstructionResultFinalize(tctxt);
+    tctxt->funcLevel--;
 }
 
 

libxslt/xsltInternals.h

@@ -1774,6 +1774,7 @@ struct _xsltTransformContext {
                            exits */
     xmlDocPtr localRVTBase;
     int keyInitLevel;   /* Needed to catch recursive keys issues */
+    int funcLevel;      /* Needed to catch recursive functions issues */
 };
 
 /**