( )⚙ D4151 linelog: fix infinite loop vulnerability

This is an archive of the discontinued Mercurial Phabricator instance.

linelog: fix infinite loop vulnerability
ClosedPublic

Authored by quark on Aug 7 2018, 1:24 AM.

Details

Summary

Checking len(lines) is not a great way of detecting infinite loops, as
demonstrated in the added test. Therefore check instruction count instead.

The original C implementation does not have this problem. There are a few
other places where the C implementation enforces more strictly, like
a1 <= a2, b1 <= b2, rev > 0. But they are optional.

Test Plan

Add a test. The old code forces the test to time out.

Diff Detail

Repository
rHG Mercurial
Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

quark created this revision.Aug 7 2018, 1:24 AM
quark updated this revision to Diff 10032.Aug 7 2018, 1:29 AM
quark edited the summary of this revision. (Show Details)Aug 7 2018, 1:31 AM
This revision was automatically updated to reflect the committed changes.