Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
yaml-cpp
yaml-cpp-CVE-2017-5950.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File yaml-cpp-CVE-2017-5950.patch of Package yaml-cpp
Index: yaml-cpp-yaml-cpp-0.6.1/src/singledocparser.cpp =================================================================== --- yaml-cpp-yaml-cpp-0.6.1.orig/src/singledocparser.cpp +++ yaml-cpp-yaml-cpp-0.6.1/src/singledocparser.cpp @@ -46,6 +46,9 @@ void SingleDocParser::HandleDocument(Eve } void SingleDocParser::HandleNode(EventHandler& eventHandler) { + if (depth > depth_limit) { + throw ParserException(m_scanner.mark(), ErrorMsg::BAD_FILE); + } // an empty node *is* a possibility if (m_scanner.empty()) { eventHandler.OnNull(m_scanner.mark(), NullAnchor); @@ -57,9 +60,11 @@ void SingleDocParser::HandleNode(EventHa // special case: a value node by itself must be a map, with no header if (m_scanner.peek().type == Token::VALUE) { + depth++; eventHandler.OnMapStart(mark, "?", NullAnchor, EmitterStyle::Default); HandleMap(eventHandler); eventHandler.OnMapEnd(); + depth--; return; } @@ -94,32 +99,42 @@ void SingleDocParser::HandleNode(EventHa m_scanner.pop(); return; case Token::FLOW_SEQ_START: + depth++; eventHandler.OnSequenceStart(mark, tag, anchor, EmitterStyle::Flow); HandleSequence(eventHandler); eventHandler.OnSequenceEnd(); + depth--; return; case Token::BLOCK_SEQ_START: + depth++; eventHandler.OnSequenceStart(mark, tag, anchor, EmitterStyle::Block); HandleSequence(eventHandler); eventHandler.OnSequenceEnd(); + depth--; return; case Token::FLOW_MAP_START: + depth++; eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Flow); HandleMap(eventHandler); eventHandler.OnMapEnd(); + depth--; return; case Token::BLOCK_MAP_START: + depth++; eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Block); HandleMap(eventHandler); eventHandler.OnMapEnd(); + depth--; return; case Token::KEY: // compact maps can only go in a flow sequence if (m_pCollectionStack->GetCurCollectionType() == CollectionType::FlowSeq) { + depth++; eventHandler.OnMapStart(mark, tag, anchor, EmitterStyle::Flow); HandleMap(eventHandler); eventHandler.OnMapEnd(); + depth--; return; } break; Index: yaml-cpp-yaml-cpp-0.6.1/src/singledocparser.h =================================================================== --- yaml-cpp-yaml-cpp-0.6.1.orig/src/singledocparser.h +++ yaml-cpp-yaml-cpp-0.6.1/src/singledocparser.h @@ -51,6 +51,8 @@ class SingleDocParser : private noncopya anchor_t LookupAnchor(const Mark& mark, const std::string& name) const; private: + int depth = 0; + int depth_limit = 2048; Scanner& m_scanner; const Directives& m_directives; std::unique_ptr<CollectionStack> m_pCollectionStack;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor