diff --git a/src/parsers/mpd_parser.y b/src/parsers/mpd_parser.y index 74f8e8ee..65d1b83d 100644 --- a/src/parsers/mpd_parser.y +++ b/src/parsers/mpd_parser.y @@ -182,6 +182,7 @@ int mpd_lex_parse(struct mpd_result *result, const char *input); #include #define INVERT_MASK 0x80000000 +#define RECURSION_MAX 64 } /* Dependencies, mocked or real */ @@ -225,6 +226,8 @@ struct mpd_result { int err; char errmsg[128]; + + int recursion_level; }; enum mpd_type { @@ -416,6 +419,15 @@ static void sql_append_recursive(struct mpd_result *result, struct mpd_result_pa { char escape_char; + if (result->recursion_level > RECURSION_MAX) + { + snprintf(result->errmsg, sizeof(result->errmsg), "Recursion maximum exceeded"); + result->err = -2; + return; + } + + result->recursion_level++; + switch (append_type) { case SQL_APPEND_OPERATOR: @@ -477,6 +489,8 @@ static void sql_append_recursive(struct mpd_result *result, struct mpd_result_pa sql_append(result, part, ")"); break; } + + result->recursion_level--; } /* Creates the parsing result from the AST. Errors are set via result->err. */ diff --git a/src/parsers/rsp_parser.y b/src/parsers/rsp_parser.y index f86645dc..2aa05477 100644 --- a/src/parsers/rsp_parser.y +++ b/src/parsers/rsp_parser.y @@ -178,6 +178,7 @@ int rsp_lex_parse(struct rsp_result *result, const char *input); #include #define INVERT_MASK 0x80000000 +#define RECURSION_MAX 64 } /* Dependencies, mocked or real */ @@ -197,6 +198,8 @@ struct rsp_result { int offset; int err; char errmsg[128]; + + int recursion_level; }; } @@ -272,6 +275,15 @@ static void sql_append_recursive(struct rsp_result *result, struct ast *a, const { char escape_char; + if (result->recursion_level > RECURSION_MAX) + { + snprintf(result->errmsg, sizeof(result->errmsg), "Recursion maximum exceeded"); + result->err = -2; + return; + } + + result->recursion_level++; + switch (append_type) { case SQL_APPEND_OPERATOR: @@ -317,6 +329,8 @@ static void sql_append_recursive(struct rsp_result *result, struct ast *a, const sql_append(result, ")"); break; } + + result->recursion_level--; } static void sql_from_ast(struct rsp_result *result, struct ast *a) diff --git a/src/parsers/smartpl_parser.y b/src/parsers/smartpl_parser.y index e4139159..2d3bc422 100644 --- a/src/parsers/smartpl_parser.y +++ b/src/parsers/smartpl_parser.y @@ -182,6 +182,7 @@ int smartpl_lex_parse(struct smartpl_result *result, const char *input); #include #define INVERT_MASK 0x80000000 +#define RECURSION_MAX 64 } /* Dependencies, mocked or real */ @@ -215,6 +216,8 @@ struct smartpl_result { int limit; int err; char errmsg[128]; + + int recursion_level; }; } @@ -289,6 +292,15 @@ static void sql_append_recursive(struct smartpl_result *result, struct result_pa { char escape_char; + if (result->recursion_level > RECURSION_MAX) + { + snprintf(result->errmsg, sizeof(result->errmsg), "Recursion maximum exceeded"); + result->err = -2; + return; + } + + result->recursion_level++; + switch (append_type) { case SQL_APPEND_OPERATOR: @@ -359,6 +371,8 @@ static void sql_append_recursive(struct smartpl_result *result, struct result_pa sql_append(result, part, "', "); break; } + + result->recursion_level--; } /* Creates the parsing result from the AST. Errors are set via result->err. */