Uploaded image for project: 'TorqueBox'
  1. TorqueBox
  2. TORQUE-733

Limit Maximum Stack Depth During Injection Analysis

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: 2.0.0.CR1
    • Fix Version/s: 2.0.0
    • Component/s: None
    • Labels:
      None
    • Similar Issues:
      Show 10 results 

      Description

      We should limit the maximum depth we'll recurse into DefaultNodeVisitor's defaultVisitNode during injection analysis to something around Xss / 4 since each recursion into defaultVisitNode actually hops through a few methods and we don't want to blow the stack. It shouldn't be common to have injections deeply nested, and even if they are it would be better to not blow up the stack and log a warning about increasing the stack size versus blowing up the stack.

        Gliffy Diagrams

          Activity

          Show
          benbrowning Benjamin Browning added a comment - Fixed by https://github.com/torquebox/torquebox/commit/3fc0196ed7a77a3f6aaa70ac32d396daa8203fea

            People

            • Assignee:
              benbrowning Benjamin Browning
              Reporter:
              benbrowning Benjamin Browning
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development