1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51
|
From: Chris Lamb <lamby@debian.org>
Date: Thu, 15 Feb 2018 20:28:25 +0000
Subject: dash: Fix stack overflow from infinite recursion in script
Bug-Debian: https://bugs.debian.org/579815
Signed-off-by: Chris Lamb <lamby@debian.org>
Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>
---
src/eval.c | 8 +++++++-
src/eval.h | 2 ++
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/eval.c b/src/eval.c
index 6ee2e1a..92c2b3a 100644
--- a/src/eval.c
+++ b/src/eval.c
@@ -70,6 +70,7 @@ int evalskip; /* set if we are skipping commands */
STATIC int skipcount; /* number of levels to skip */
MKINIT int loopnest; /* current loop nesting level */
static int funcline; /* starting line number of current function, or 0 if not in a function */
+static int evalcount; /* number of nested evalfun calls */
char *commandname;
@@ -907,7 +908,12 @@ raise:
break;
case CMDFUNCTION:
- if (evalfun(cmdentry.u.func, argc, argv, flags))
+ if (evalcount++ >= MAX_RECURSION)
+ sh_error("Maximum function recursion depth (%d) reached",
+ MAX_RECURSION);
+ int i = evalfun(cmdentry.u.func, argc, argv, flags);
+ evalcount--;
+ if (i)
goto raise;
break;
}
diff --git a/src/eval.h b/src/eval.h
index 63e7d86..38dffbd 100644
--- a/src/eval.h
+++ b/src/eval.h
@@ -51,6 +51,8 @@ struct backcmd { /* result of evalbackcmd */
#define EV_EXIT 01 /* exit after evaluating tree */
#define EV_TESTED 02 /* exit status is checked; ignore -e flag */
+#define MAX_RECURSION 1000 /* maximum recursion level */
+
int evalstring(char *, int);
union node; /* BLETCH for ansi C */
int evaltree(union node *, int);
|