Uploaded image for project: 'TorqueBox'
  1. TorqueBox
  2. TORQUE-733

Limit Maximum Stack Depth During Injection Analysis

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 2.0.0.CR1
    • Fix Version/s: 2.0.0
    • Component/s: None
    • Labels:
      None

      Description

      We should limit the maximum depth we'll recurse into DefaultNodeVisitor's defaultVisitNode during injection analysis to something around Xss / 4 since each recursion into defaultVisitNode actually hops through a few methods and we don't want to blow the stack. It shouldn't be common to have injections deeply nested, and even if they are it would be better to not blow up the stack and log a warning about increasing the stack size versus blowing up the stack.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                benbrowning Benjamin Browning
                Reporter:
                benbrowning Benjamin Browning
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: