[ovs-dev] [PATCH] expr: Set a limit on the depth of nested parentheses

Ben Pfaff blp at ovn.org
Mon Oct 8 18:02:17 UTC 2018

On Thu, Oct 04, 2018 at 04:30:10PM -0700, Yifeng Sun wrote:
> Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10714
> Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
> Suggested-by: Ben Pfaff <blp at ovn.org>

Thanks for fixing this bug.

In parse_chassis_resident(), in two error cases, paren_depth is
incremented but never decremented.  Maybe it does not matter because
these are error cases, but I would prefer to always correctly maintain
the depth.

It is not necessary to initialize paren_depth explicitly in expr_parse(),
because it will be initialized to 0 by the compiler automatically.  Some
developers would argue that it's a good idea anyway, which is also a
fine position to take, but in that case I'd suggest that in all of the
other places we initialize an expr_context (I see four others) we should
also initialize paren_depth explicitly.

Please add a test for this new error message in the "ovn -- expression
parser" test in tests/ovn.at.
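
The two review points above (decrementing the depth on error paths, and relying on zero-initialization), shown in an added example that is not part of the patch or of OVN's code. The struct, function names, error strings and the limit of 100 are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>

#define MAX_PAREN_DEPTH 100  /* assumed value; the page does not state the limit */

struct ctx {                 /* hypothetical state, not OVN's expr_context */
    const char *p;           /* next input byte */
    const char *error;       /* first error seen, or NULL */
    int paren_depth;         /* number of currently open '(' */
};

/* group := '(' group* ')' */
static bool parse_group(struct ctx *c)
{
    if (*c->p != '(') {
        c->error = "expected '('";
        return false;        /* nothing incremented yet, so nothing to undo */
    }
    c->p++;
    if (++c->paren_depth > MAX_PAREN_DEPTH) {
        c->error = "parentheses nested too deeply";
        goto out;            /* bounded recursion instead of stack exhaustion */
    }
    while (*c->p == '(') {
        if (!parse_group(c)) {
            goto out;
        }
    }
    if (*c->p == ')') {
        c->p++;
    } else {
        c->error = "expected ')'";
    }
out:
    c->paren_depth--;        /* single exit: error paths decrement too */
    return c->error == NULL;
}

/* Parses s, stores the error (or NULL) in *errorp, returns the leftover depth. */
int parse(const char *s, const char **errorp)
{
    struct ctx c = { .p = s };  /* members not named here, paren_depth included, are zeroed */
    if (parse_group(&c) && *c.p != '\0') {
        c.error = "trailing input";
    }
    *errorp = c.error;
    return c.paren_depth;
}
```

A leftover depth other than 0 after parse() returns would mean some path incremented without decrementing, which is the bookkeeping slip the review asks to avoid.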



