Actions
Bug #3630
closedRecursion stack-overflow in parsing YAML configuration
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 4.1, Needs backport to 5.0
Description
A YAML configuration can be crafted (for example, by a fuzzer) that causes the YAML parser to recurse to a depth where a stack-overflow occurs. This appears to be at about 180. Our default configuration goes to a depth of about 16.
Suggested fix: track the recursion limit and abort at some level, for example 128 should be OK.
Longer term fix if we every have a config that needs more recursion would be to refactor into a loop.
Updated by Victor Julien over 4 years ago
- Status changed from Assigned to Closed
- Label Needs backport to 4.1, Needs backport to 5.0 added
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3652: Recursion stack-overflow in parsing YAML configuration added
Updated by Jeff Lucovsky over 4 years ago
- Copied to Bug #3653: Recursion stack-overflow in parsing YAML configuration added
Actions