JSON DOS #2107

Closed
hanwen opened this issue May 29, 2019 · 1 comment · Fixed by #2111
hanwen commented May 29, 2019

The name of the parser:

json

The command line you used to run ctags:

./ctags  /tmp/borer/core/.jvm/src/test/resources/n_structure_100000_opening_arrays.json

The content of input file: https://github.com/sirthias/borer/blob/master/core/.jvm/src/test/resources/n_structure_100000_opening_arrays.json

(this is a sequence of 100k '[' chars)

The tags output you are not satisfied with:

heap increases to many Gb until it crashes with segfault.

It would be nice if this could either exit with an error, or use less memory and succeed.

!_THIS_IS_AN_EXAMPLE
mainVoid	foo.c	/^main(void)$/;"	kind:function	line:2	language:C	typeref:typename:int	signature:(void)	roles:def
...

The tags output you expect:

!_THIS_IS_AN_EXAMPLE
main	foo.c	/^main(void)$/;"	kind:function	line:2	language:C	typeref:typename:int	signature:(void)	roles:def
...

The version of ctags:

$ ctags --version

Universal Ctags 0.0.0(3fdf28bc), Copyright (C) 2015 Universal Ctags Team
Universal Ctags is derived from Exuberant Ctags.
Exuberant Ctags 5.8, Copyright (C) 1996-2009 Darren Hiebert
  Compiled: May 29 2019, 15:19:17
  URL: https://ctags.io/
  Optional compiled features: +wildcards, +regex, +iconv, +option-directory, +json, +interactive, +sandbox, +packcc
hanwen@hanwen:~/vc/ctags$ 

How do you get ctags binary:

local build, linux.

@masatake

A related issue: #1682

masatake added a commit to masatake/ctags that referenced this issue Jun 11, 2019
Close universal-ctags#2107.
Related to universal-ctags#1682.

To avoid stack overflow, this change provides a way to terminate
the parsing.

The recursion is very related to square brackets and curly brackets.
Instead of limiting the function recursion, this change tracks the depth
of brackets. Here I assume deep brackets in the input stream cause
deep function call recursion.

readTokenFull is changed to return EOF when it detects too deep (> 512)
brackets in the current input stream. The EOF terminates the parsing.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
masatake added a commit to masatake/ctags that referenced this issue Jun 12, 2019
…airs

Close universal-ctags#2107.
Related to universal-ctags#1682.

To avoid stack overflow, this change provides a way to terminate
the parsing if recursion CAN be too deep.

The recursion is very related to square brackets and curly brackets
in the input stream.
Instead of limiting the depth of function recursion itself, this change
tracks the depth of brackets. Here I assume deeply nested brackets
increase the recursion depth of function calls.

readTokenFull is changed to return EOF token when it detects too
deeply nested (>= 512) brackets in the current input stream. The
EOF token may terminate the parsing GENTLY.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
masatake added a commit to masatake/ctags that referenced this issue Jul 14, 2019
…airs

Close universal-ctags#2107 reported by @hanwen.
Related to universal-ctags#1682.

To avoid stack overflow, this change provides a way to terminate
the parsing if recursion CAN be too deep.

The recursion is very related to square brackets and curly brackets
in the input stream.
Instead of limiting the depth of function recursion itself, this change
tracks the depth of brackets. Here I assume deeply nested brackets
increase the recursion depth of function calls.

readTokenFull is changed to return EOF token when it detects too
deeply nested (>= 512) brackets in the current input stream. The
EOF token may terminate the parsing GENTLY.

Signed-off-by: Masatake YAMATO <yamato@redhat.com>
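
The mitigation the commit messages describe, as an added example that is not the ctags source: a tokenizer counts open brackets and reports EOF once nesting reaches the limit, so the recursive parser above it unwinds instead of adding stack frames. The names `read_token`, `parse_container`, `scan_json` and `struct lexer` are hypothetical, the exact boundary handling around 512 is an assumption, and this toy tokenizer does not skip brackets inside string literals.

```c
#include <stddef.h>

#define MAX_BRACKET_DEPTH 512   /* threshold quoted in the commit message */
enum tok { T_EOF, T_OPEN, T_CLOSE, T_OTHER };
struct lexer { const char *p, *end; int depth, truncated; };

/* Tokenizer: counts open brackets and reports EOF once nesting is too deep. */
static enum tok read_token(struct lexer *lx) {
    if (lx->truncated || lx->p >= lx->end)
        return T_EOF;
    char c = *lx->p++;
    if (c == '[' || c == '{') {
        if (lx->depth + 1 >= MAX_BRACKET_DEPTH) {
            lx->truncated = 1;          /* every later read also sees EOF */
            return T_EOF;
        }
        lx->depth++;
        return T_OPEN;
    }
    if (c == ']' || c == '}') {
        if (lx->depth > 0) lx->depth--;
        return T_CLOSE;
    }
    return T_OTHER;     /* simplification: string contents are not skipped */
}

/* Recursive descent, one C stack frame per open bracket; returns max level. */
static int parse_container(struct lexer *lx, int level) {
    int deepest = level;
    for (;;) {
        enum tok t = read_token(lx);
        if (t == T_EOF || t == T_CLOSE)
            return deepest;
        if (t == T_OPEN) {
            int d = parse_container(lx, level + 1);
            if (d > deepest) deepest = d;
        }
    }
}

/* Returns the deepest recursion reached; *truncated is 1 if the limit hit. */
int scan_json(const char *buf, size_t len, int *truncated) {
    struct lexer lx = { buf, buf + len, 0, 0 };
    int deepest = parse_container(&lx, 0);
    *truncated = lx.truncated;
    return deepest;
}
```

Because the cap sits in the tokenizer, recursion depth is bounded by the constant regardless of input size, and the caller can use the `truncated` flag to report that the file was not fully parsed.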