TorqueBox
  1. TorqueBox
  2. TORQUE-733

Limit Maximum Stack Depth During Injection Analysis

    Details

    • Type: Bug Bug
    • Status: Closed Closed (View Workflow)
    • Priority: Major Major
    • Resolution: Done
    • Affects Version/s: 2.0.0.CR1
    • Fix Version/s: 2.0.0
    • Component/s: None
    • Labels:
      None
    • Similar Issues:
      Show 10 results 

      Description

      We should limit the maximum depth we'll recurse into DefaultNodeVisitor's defaultVisitNode during injection analysis to something around Xss / 4 since each recursion into defaultVisitNode actually hops through a few methods and we don't want to blow the stack. It shouldn't be common to have injections deeply nested, and even if they are it would be better to not blow up the stack and log a warning about increasing the stack size versus blowing up the stack.

        Activity

        Show
        Benjamin Browning
        added a comment - Fixed by https://github.com/torquebox/torquebox/commit/3fc0196ed7a77a3f6aaa70ac32d396daa8203fea

          People

          • Assignee:
            Benjamin Browning
            Reporter:
            Benjamin Browning
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: