This repository has been archived by the owner on Apr 17, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 75
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bug 803931 - Compiler is vulnerable to the billion laughs attack. r=g…
…andalf
- Loading branch information
Showing
4 changed files
with
139 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,120 @@ | ||
| var Parser = require('../../../../lib/l20n/parser').Parser; | ||
| var Compiler = process.env.L20N_COV | ||
| ? require('../../../../build/cov/lib/l20n/compiler').Compiler | ||
| : require('../../../../lib/l20n/compiler').Compiler; | ||
|
|
||
| var parser = new Parser(); | ||
| var compiler = new Compiler(); | ||
|
|
||
| // Bug 803931 - Compiler is vulnerable to the billion laughs attack | ||
| describe('Reference bombs', function(){ | ||
| var source, ctxdata, ast, env; | ||
| beforeEach(function() { | ||
| ast = parser.parse(source); | ||
| env = compiler.reset().compile(ast); | ||
| }); | ||
|
|
||
| describe('Billion Laughs', function(){ | ||
| before(function() { | ||
| source = ' \ | ||
| <lol0 "LOL"> \ | ||
| <lol1 "{{lol0}} {{lol0}} {{lol0}} {{lol0}} {{lol0}} {{lol0}} {{lol0}} {{lol0}} {{lol0}} {{lol0}}"> \ | ||
| <lol2 "{{lol1}} {{lol1}} {{lol1}} {{lol1}} {{lol1}} {{lol1}} {{lol1}} {{lol1}} {{lol1}} {{lol1}}"> \ | ||
| <lol3 "{{lol2}} {{lol2}} {{lol2}} {{lol2}} {{lol2}} {{lol2}} {{lol2}} {{lol2}} {{lol2}} {{lol2}}"> \ | ||
| <lol4 "{{lol3}} {{lol3}} {{lol3}} {{lol3}} {{lol3}} {{lol3}} {{lol3}} {{lol3}} {{lol3}} {{lol3}}"> \ | ||
| <lol5 "{{lol4}} {{lol4}} {{lol4}} {{lol4}} {{lol4}} {{lol4}} {{lol4}} {{lol4}} {{lol4}} {{lol4}}"> \ | ||
| <lol6 "{{lol5}} {{lol5}} {{lol5}} {{lol5}} {{lol5}} {{lol5}} {{lol5}} {{lol5}} {{lol5}} {{lol5}}"> \ | ||
| <lol7 "{{lol6}} {{lol6}} {{lol6}} {{lol6}} {{lol6}} {{lol6}} {{lol6}} {{lol6}} {{lol6}} {{lol6}}"> \ | ||
| <lol8 "{{lol7}} {{lol7}} {{lol7}} {{lol7}} {{lol7}} {{lol7}} {{lol7}} {{lol7}} {{lol7}} {{lol7}}"> \ | ||
| <lol9 "{{lol8}} {{lol8}} {{lol8}} {{lol8}} {{lol8}} {{lol8}} {{lol8}} {{lol8}} {{lol8}} {{lol8}}"> \ | ||
| <lolz "{{ lol9 }}"> \ | ||
| '; | ||
| }); | ||
| it('throws', function() { | ||
| (function() { | ||
| env.lolz.getString(); | ||
| }).should.throw(/too many characters/); | ||
| }); | ||
| }); | ||
|
|
||
| describe('Quadratic Blowup', function(){ | ||
| before(function() { | ||
| source = ' \ | ||
| /* \ | ||
| * Project Gutenberg\'s Alice\'s Adventures in Wonderland, \ | ||
| * by Lewis Carroll \ | ||
| * \ | ||
| * This eBook is for the use of anyone anywhere at no cost and with \ | ||
| * almost no restrictions whatsoever. You may copy it, give it away \ | ||
| * or re-use it under the terms of the Project Gutenberg License \ | ||
| * included with this eBook or online at www.gutenberg.org \ | ||
| */ \ | ||
| \ | ||
| <alice """ \ | ||
| \ | ||
| CHAPTER I. Down the Rabbit-Hole \ | ||
| \ | ||
| Alice was beginning to get very tired of sitting by her sister on \ | ||
| the bank, and of having nothing to do: once or twice she had peeped \ | ||
| into the book her sister was reading, but it had no pictures or \ | ||
| conversations in it, \'and what is the use of a book,\' thought \ | ||
| Alice \'without pictures or conversation?\' \ | ||
| \ | ||
| So she was considering in her own mind (as well as she could, for \ | ||
| the hot day made her feel very sleepy and stupid), whether the \ | ||
| pleasure of making a daisy-chain would be worth the trouble of \ | ||
| getting up and picking the daisies, when suddenly a White Rabbit \ | ||
| with pink eyes ran close by her. \ | ||
| \ | ||
| There was nothing so VERY remarkable in that; nor did Alice think \ | ||
| it so VERY much out of the way to hear the Rabbit say to itself, \ | ||
| \'Oh dear! Oh dear! I shall be late!\' (when she thought it over \ | ||
| afterwards, it occurred to her that she ought to have wondered at \ | ||
| this, but at the time it all seemed quite natural); but when the \ | ||
| Rabbit actually TOOK A WATCH OUT OF ITS WAISTCOAT-POCKET, and \ | ||
| looked at it, and then hurried on, Alice started to her feet, for \ | ||
| it flashed across her mind that she had never before seen a rabbit \ | ||
| with either a waistcoat-pocket, or a watch to take out of it, and \ | ||
| burning with curiosity, she ran across the field after it, and \ | ||
| fortunately was just in time to see it pop down a large rabbit-hole \ | ||
| under the hedge. \ | ||
| \ | ||
| In another moment down went Alice after it, never once considering \ | ||
| how in the world she was to get out again. \ | ||
| \ | ||
| The rabbit-hole went straight on like a tunnel for some way, and \ | ||
| then dipped suddenly down, so suddenly that Alice had not a moment \ | ||
| to think about stopping herself before she found herself falling \ | ||
| down a very deep well. \ | ||
| \ | ||
| """> \ | ||
| \ | ||
| <malice """ \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} {{alice}} \ | ||
| """> \ | ||
| '; | ||
| }); | ||
| it('throws', function() { | ||
| (function() { | ||
| env.malice.getString(); | ||
| }).should.throw(/too many placeables/i); | ||
| }); | ||
| }); | ||
|
|
||
| }); |