Hi,
On 01.10.22 18:39, Erik Auerswald wrote:
On 21.09.22 09:15, Simon Josefsson wrote:
Erik Auerswald <auers...@unix-ag.uni-kl.de> writes:
I'll try to commit and push regression tests and fixes for the first,
third, and fourth problem during the weekend.
Thank you.
What do you all think regarding recursive macros (the second problem)?
Having an arbitrary sized recusion limit of, say, depth 100, while not
ideal (not sure what would be?), may be acceptable. Alternative, simply
document that the code is vulnerable to infinite recursion.
I think I'll look into adding an arbitrary recursion limit
(with a compile time constant) to avoid the crash on running
out of stack memory.
My first idea is to add a static counter to domacro(). If
it is over the recursion limit when entering the function,
then leave it with an error message. Otherwise increment
it. Decrement it before leaving the function.
I'll have to check how many exits the function has.
I have added a maximum nesting depth of 1000 to macro
execution. This fixes the crash via infinite macro
recursion.
With this fix, all the crashes of GNU Networking Utilities
found via fuzzer and reported at the end of last year are
addressed.
Br,
Erik
