From: Amos Jeffries <yadij@users.noreply.github.com>
Date: Mon, 20 May 2019 11:23:13 +0000 (+0000)
Subject: ESI: throw on large stack recursions (#408)
X-Git-Tag: SQUID_5_0_1~95
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9f27bcc53bc1d673072a827b84e01c17d746559b;p=thirdparty%2Fsquid.git

ESI: throw on large stack recursions (#408)

This reduces the impact on concurrent clients to only those
accessing the malformed resource.

Depending on what type of recursion is being performed the
resource may appear to the client with missing segments, or
not at all.
---

diff --git a/src/esi/Esi.cc b/src/esi/Esi.cc
index c7c6a78622..c1f5a0eef0 100644
--- a/src/esi/Esi.cc
+++ b/src/esi/Esi.cc
@@ -930,7 +930,7 @@ void
 ESIContext::addStackElement (ESIElement::Pointer element)
 {
     /* Put on the stack to allow skipping of 'invalid' markup */
-    assert (parserState.stackdepth <11);
+    Must(parserState.stackdepth < 10);
     assert (!failed());
     debugs(86, 5, "ESIContext::addStackElement: About to add ESI Node " << element.getRaw());
 
@@ -1188,7 +1188,7 @@ ESIContext::addLiteral (const char *s, int len)
     assert (len);
     debugs(86, 5, "literal length is " << len);
     /* give a literal to the current element */
-    assert (parserState.stackdepth <11);
+    Must(parserState.stackdepth < 10);
     ESIElement::Pointer element (new esiLiteral (this, s, len));
 
     if (!parserState.top()->addElement(element)) {