diff options
author | Erik Verbruggen <erik.verbruggen@qt.io> | 2018-10-11 13:33:08 +0200 |
---|---|---|
committer | Erik Verbruggen <erik.verbruggen@qt.io> | 2018-11-29 08:43:19 +0000 |
commit | 597ce09c7a1d8b89e9473faae900321ef2d4181d (patch) | |
tree | 0a64a17098ad83d5b83ccae836b1d5bbe26d8079 /src/qml/parser/qqmljs.g | |
parent | e7d19a2a0fcbec38b7e132634d0ebe79b772c61b (diff) |
JS: Limit expression and statement nesting level
This is to prevent extremely deeply nested expressions and statements
make the code-generator run out of (native) stack space.
Task-number: QTBUG-71087
Change-Id: I8e1a20a361bff3e49101e535754546475a63ca18
Reviewed-by: Simon Hausmann <simon.hausmann@qt.io>
Diffstat (limited to 'src/qml/parser/qqmljs.g')
-rw-r--r-- | src/qml/parser/qqmljs.g | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/qml/parser/qqmljs.g b/src/qml/parser/qqmljs.g index 6549e5bfa3..860a4e999e 100644 --- a/src/qml/parser/qqmljs.g +++ b/src/qml/parser/qqmljs.g @@ -614,8 +614,16 @@ bool Parser::parse(int startToken) program = 0; do { - if (++tos == stack_size) + if (++tos == stack_size) { reallocateStack(); + if (stack_size > 10000) { + // We're now in some serious right-recursive stuff, which will probably result in + // an AST that's so deep that recursively visiting it will run out of stack space. + const QString msg = QCoreApplication::translate("QQmlParser", "Maximum statement or expression depth exceeded"); + diagnostic_messages.append(DiagnosticMessage(DiagnosticMessage::Error, token_buffer[0].loc, msg)); + return false; + } + } state_stack[tos] = action; |