Hello GNU m4 Maintainer,

I would like to report a potential security issue in m4 1.4.21.

The issue is in the eval parser in src/eval.c. The parser recursively calls primary() on nested parentheses and unary operators:

```c
case LEFTP:
  er = primary (v1);
  er = parse_expr (v1, er, MIN_PREC);

case PLUS:
  return primary (v1);
case MINUS:
  er = primary (v1);
```

There appears to be no recursion-depth limit on this path. A deeply nested expression can therefore exhaust the process stack and crash.

Affected area:
- src/eval.c:311-372

If useful, I can provide a minimal PoC and reproduction output.

If you believe this is a valid security issue, please let me know your preferred remediation or coordinated disclosure process. If needed, I can also assist with CVE coordination after triage.

--
Best regards,
Zhihan Zheng
Beijing Institute of Technology
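
An added example, not part of the original report and not code from m4: one way to bound the recursion described above is a depth counter checked on every entry to the recursive routine, so that deep nesting returns an error instead of exhausting the stack. The grammar is narrowed to the parenthesis and unary-operator path; `MAX_DEPTH`, `eval_string`, `eval_nested` and all other names are hypothetical.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical names throughout; this is not code from m4's src/eval.c. */
#define MAX_DEPTH 256   /* assumed limit; size it to the stack budget */
enum eval_status { EVAL_OK, EVAL_SYNTAX, EVAL_TOO_DEEP };
struct parser { const char *p; int depth; };

/* primary := NUMBER | '(' primary ')' | '+' primary | '-' primary */
static enum eval_status primary(struct parser *ps, long *out)
{
    enum eval_status st = EVAL_SYNTAX;
    if (ps->depth >= MAX_DEPTH) return EVAL_TOO_DEEP;  /* refuse before recursing */
    ps->depth++;
    if (*ps->p == '(') {
        ps->p++;
        st = primary(ps, out);
        if (st == EVAL_OK && *ps->p++ != ')') st = EVAL_SYNTAX;
    } else if (*ps->p == '+' || *ps->p == '-') {
        int neg = (*ps->p++ == '-');
        st = primary(ps, out);
        if (st == EVAL_OK && neg) *out = -*out;   /* |*out| <= LONG_MAX here */
    } else if (isdigit((unsigned char)*ps->p)) {
        char *end;
        *out = strtol(ps->p, &end, 10);           /* clamps at LONG_MAX */
        ps->p = end;
        st = EVAL_OK;
    }
    ps->depth--;                                  /* unwind on the way out */
    return st;
}

/* Evaluate a whole string; trailing characters are a syntax error. */
enum eval_status eval_string(const char *s, long *out)
{
    struct parser ps = { s, 0 };
    enum eval_status st = primary(&ps, out);
    return (st == EVAL_OK && *ps.p != '\0') ? EVAL_SYNTAX : st;
}

/* Constructed input: n '(' characters, the digit 7, then n ')' characters. */
enum eval_status eval_nested(size_t n, long *out)
{
    char *s = calloc(2 * n + 2, 1);               /* zero-filled, so NUL-terminated */
    if (s == NULL) return EVAL_SYNTAX;
    memset(s, '(', n); s[n] = '7'; memset(s + n + 1, ')', n);
    enum eval_status st = eval_string(s, out);
    free(s);
    return st;
}
```

The counter tracks live calls to `primary`, so 255 parentheses around a number are accepted and 256 are rejected, whatever the input length.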

