|
From: | Erik Auerswald |
Subject: | Re: fixing the ftp crashes found via fuzzer |
Date: | Sat, 1 Oct 2022 18:39:46 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0 |
Hi, On 21.09.22 09:15, Simon Josefsson wrote:
Erik Auerswald <auerswal@unix-ag.uni-kl.de> writes:I'll try to commit and push regression tests and fixes for the first, third, and fourth problem during the weekend.Thank you.What do you all think regarding recursive macros (the second problem)?Having an arbitrary sized recusion limit of, say, depth 100, while not ideal (not sure what would be?), may be acceptable. Alternative, simply document that the code is vulnerable to infinite recursion.
I think I'll look into adding an arbitrary recursion limit (with a compile time constant) to avoid the crash on running out of stack memory. My first idea is to add a static counter to domacro(). If it is over the recursion limit when entering the function, then leave it with an error message. Otherwise increment it. Decrement it before leaving the function. I'll have to check how many exits the function has. Br, Erik
[Prev in Thread] | Current Thread | [Next in Thread] |