Posted to dev@httpd.apache.org by "William A. Rowe Jr." <wr...@rowe-clan.net> on 2011/11/22 07:23:20 UTC

Re: svn commit: r1204730 - in /httpd/httpd/branches/2.4.x: include/ap_expr.h include/ap_mmn.h server/util_expr_eval.c server/util_expr_parse.c server/util_expr_parse.y

On 11/21/2011 4:24 PM, sf@apache.org wrote:
> Author: sf
> Date: Mon Nov 21 22:24:12 2011
> New Revision: 1204730
>
> URL: http://svn.apache.org/viewvc?rev=1204730&view=rev
> Log:
> Merge r1204087, 1204090:
>
> Limit recursion in ap_expr evaluation to avoid unbounded stack usage
> * evaluate chains of ||,&&, and string concatenation non-recursively
> * limit other types of recursion to 20 levels
> * avoid some string copies if concatenating more than 2 strings

> URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/util_expr_eval.c?rev=1204730&r1=1204729&r2=1204730&view=diff
> ==============================================================================
> --- httpd/httpd/branches/2.4.x/server/util_expr_eval.c (original)
> +++ httpd/httpd/branches/2.4.x/server/util_expr_eval.c Mon Nov 21 22:24:12 2011
> @@ -56,10 +56,30 @@ static void expr_dump_tree(const ap_expr
>                              int loglevel, int indent);
>   #endif
>
> +/*
> + * To reduce counting overhead, we only count calls to
> + * ap_expr_eval_word() and ap_expr_eval(). The max number of
> + * stack frames is larger by some factor.
> + */
> +#define AP_EXPR_MAX_RECURSION   20
> +static int inc_rec(ap_expr_eval_ctx_t *ctx)
> +{
> +    if (ctx->reclvl<  AP_EXPR_MAX_RECURSION) {
> +        ctx->reclvl++;
> +        return 0;
> +    }
> +    *ctx->err = "Recursion limit reached";
> +    /* short circuit further evaluation */
> +    ctx->reclvl = INT_MAX;
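
Review bot: the failure path of inc_rec() assigns INT_MAX to ctx->reclvl, but nothing in the quoted part of this hunk shows <limits.h> being included. INT_MAX is a C89 macro defined in that header, so util_expr_eval.c should include it explicitly rather than rely on another header pulling it in. The same assignment makes reclvl double as an error flag, which the "short circuit further evaluation" comment only hints at. Any code that later lowers reclvl needs to keep it at or above AP_EXPR_MAX_RECURSION once the limit has been hit, and a comment on the field saying so would help. The comment above the #define could also say roughly how large "some factor" is, since that factor, not the value 20 alone, is what bounds the real stack depth.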

When did this project adopt Posix99?  Not that I'm complaining
but that isn't a K&R construct (and this is the first such breakage
that I'm aware of.)

Re: svn commit: r1204730 - in /httpd/httpd/branches/2.4.x: include/ap_expr.h include/ap_mmn.h server/util_expr_eval.c server/util_expr_parse.c server/util_expr_parse.y

Posted by Stefan Fritsch <sf...@sfritsch.de>.
On Tuesday 22 November 2011, William A. Rowe Jr. wrote:
> > +/*
> > + * To reduce counting overhead, we only count calls to
> > + * ap_expr_eval_word() and ap_expr_eval(). The max number of
> > + * stack frames is larger by some factor.
> > + */
> > +#define AP_EXPR_MAX_RECURSION   20
> > +static int inc_rec(ap_expr_eval_ctx_t *ctx)
> > +{
> > +    if (ctx->reclvl<  AP_EXPR_MAX_RECURSION) {
> > +        ctx->reclvl++;
> > +        return 0;
> > +    }
> > +    *ctx->err = "Recursion limit reached";
> > +    /* short circuit further evaluation */
> > +    ctx->reclvl = INT_MAX;
> 
> When did this project adopt Posix99?  Not that I'm complaining
> but that isn't a K&R construct (and this is the first such breakage
> that I'm aware of.)

I assume you refer to the INT_MAX? That's C89 according to Google. And 
yes, we want to support C89 (otherwise http_log.h could have been a 
lot simpler). And no, we don't want to support anything older than 
C89, IMNSHO.