linelog: fix infinite loop vulnerability
ClosedPublic

Authored by quark on Aug 7 2018, 1:24 AM.

Details

Summary

Checking len(lines) is not a great way of detecting infinite loops, as
demonstrated in the added test. Therefore check instruction count instead.

The original C implementation does not have this problem. There are a few
other places where the C implementation enforces more strictly, like
a1 <= a2, b1 <= b2, rev > 0. But they are optional.

Test Plan

Add a test. The old code forces the test to time out.

Diff Detail

Repository
rHG Mercurial
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.
quark created this revision.Aug 7 2018, 1:24 AM
quark updated this revision to Diff 10032.Aug 7 2018, 1:29 AM
quark edited the summary of this revision. (Show Details)Aug 7 2018, 1:31 AM
This revision was automatically updated to reflect the committed changes.