Uploaded image for project: 'TorqueBox'
  1. TorqueBox
  2. TORQUE-733

Limit Maximum Stack Depth During Injection Analysis

This issue belongs to an archived project. You can view it, but you can't modify it. Learn more

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Done
    • 2.0.0.CR1
    • 2.0.0
    • None
    • None

    Description

      We should limit the maximum depth we'll recurse into DefaultNodeVisitor's defaultVisitNode during injection analysis to something around Xss / 4 since each recursion into defaultVisitNode actually hops through a few methods and we don't want to blow the stack. It shouldn't be common to have injections deeply nested, and even if they are it would be better to not blow up the stack and log a warning about increasing the stack size versus blowing up the stack.

      Attachments

        Activity

          People

            bbrownin@redhat.com Ben Browning
            bbrownin@redhat.com Ben Browning
            Archiver:
            samahaja@redhat.com Sagar Mahajan

            Dates

              Created:
              Updated:
              Resolved:
              Archived: