github/repmgr
1
0
Fork 0
mirror of https://github.com/EnterpriseDB/repmgr.git synced 2026-03-26 08:36:30 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

configuration: add maximum nesting depth

Browse Source 
As with ff4771ab, this is the same behaviour as core PostgreSQL.
This commit is contained in:
Ian Barwick
2020-05-14 16:25:20 +09:00
parent 5c16e94672
commit b7475792e7
1 changed files with 26 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
configfile-scan.l
View File

@@ -40,11 +40,11 @@ static sigjmp_buf *CONF_flex_fatal_jmp;
static char *CONF_scanstr(const char *s); static char *CONF_scanstr(const char *s);
static int CONF_flex_fatal(const char *msg); static int CONF_flex_fatal(const char *msg);
static bool ProcessConfigFile(const char *base_dir, const char *config_file, const char *calling_file, bool strict, KeyValueList *contents, ItemList *error_list, ItemList *warning_list); static bool ProcessConfigFile(const char *base_dir, const char *config_file, const char *calling_file, bool strict, int depth, KeyValueList *contents, ItemList *error_list, ItemList *warning_list);
static bool ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, const char *base_dir, KeyValueList *contents, ItemList *error_list, ItemList *warning_list); static bool ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, int depth, const char *base_dir, KeyValueList *contents, ItemList *error_list, ItemList *warning_list);
static bool ProcessConfigDirectory(const char *base_dir, const char *includedir, const char *calling_file, KeyValueList *contents, ItemList *error_list, ItemList *warning_list); static bool ProcessConfigDirectory(const char *base_dir, const char *includedir, const char *calling_file, int depth, KeyValueList *contents, ItemList *error_list, ItemList *warning_list);
static char *AbsoluteConfigLocation(const char *base_dir, const char *location, const char *calling_file); static char *AbsoluteConfigLocation(const char *base_dir, const char *location, const char *calling_file);
@@ -102,7 +102,7 @@ STRING \'([^'\\\n]|\\.|\'\')*\'
extern bool extern bool
ProcessRepmgrConfigFile(const char *config_file, const char *base_dir, ItemList *error_list, ItemList *warning_list) ProcessRepmgrConfigFile(const char *config_file, const char *base_dir, ItemList *error_list, ItemList *warning_list)
{ {
return ProcessConfigFile(base_dir, config_file, NULL, true, NULL, error_list, warning_list); return ProcessConfigFile(base_dir, config_file, NULL, true, 0, NULL, error_list, warning_list);
} }
@@ -111,11 +111,11 @@ ProcessPostgresConfigFile(const char *config_file, const char *base_dir, KeyValu
{ {
//printf("ProcessPostgresConfigFile(): base: %s file: %s\n", base_dir, config_file); //printf("ProcessPostgresConfigFile(): base: %s file: %s\n", base_dir, config_file);
return ProcessConfigFile(base_dir, config_file, NULL, true, contents, error_list, warning_list); return ProcessConfigFile(base_dir, config_file, NULL, true, 0, contents, error_list, warning_list);
} }
static bool static bool
ProcessConfigFile(const char *base_dir, const char *config_file, const char *calling_file, bool strict, KeyValueList *contents, ItemList *error_list, ItemList *warning_list) ProcessConfigFile(const char *base_dir, const char *config_file, const char *calling_file, bool strict, int depth, KeyValueList *contents, ItemList *error_list, ItemList *warning_list)
{ {
char *abs_path; char *abs_path;
bool success = true; bool success = true;
@@ -130,6 +130,19 @@ ProcessConfigFile(const char *base_dir, const char *config_file, const char *cal
return false; return false;
} }
/*
* Reject too-deep include nesting depth. This is just a safety check to
* avoid dumping core due to stack overflow if an include file loops back
* to itself. The maximum nesting depth is pretty arbitrary.
*/
if (depth > 10)
{
item_list_append_format(error_list,
_("could not open configuration file \"%s\": maximum nesting depth exceeded"),
config_file);
return false;
}
abs_path = AbsoluteConfigLocation(base_dir, config_file, calling_file); abs_path = AbsoluteConfigLocation(base_dir, config_file, calling_file);
/* Reject direct recursion */ /* Reject direct recursion */
@@ -162,7 +175,7 @@ ProcessConfigFile(const char *base_dir, const char *config_file, const char *cal
} }
else else
{ {
success = ProcessConfigFp(fp, abs_path, calling_file, base_dir, contents, error_list, warning_list); success = ProcessConfigFp(fp, abs_path, calling_file, depth + 1, base_dir, contents, error_list, warning_list);
} }
free(abs_path); free(abs_path);
@@ -171,7 +184,7 @@ ProcessConfigFile(const char *base_dir, const char *config_file, const char *cal
} }
static bool static bool
ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, const char *base_dir, KeyValueList *contents, ItemList *error_list, ItemList *warning_list) ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, int depth, const char *base_dir, KeyValueList *contents, ItemList *error_list, ItemList *warning_list)
{ {
volatile bool OK = true; volatile bool OK = true;
volatile YY_BUFFER_STATE lex_buffer = NULL; volatile YY_BUFFER_STATE lex_buffer = NULL;
@@ -256,7 +269,7 @@ ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, con
* processed immediately. * processed immediately.
*/ */
if (!ProcessConfigDirectory(base_dir, opt_value, config_file, if (!ProcessConfigDirectory(base_dir, opt_value, config_file,
contents, depth + 1, contents,
error_list, warning_list)) error_list, warning_list))
OK = false; OK = false;
yy_switch_to_buffer(lex_buffer); yy_switch_to_buffer(lex_buffer);
@@ -266,7 +279,7 @@ ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, con
else if (base_dir != NULL && strcasecmp(opt_name, "include_if_exists") == 0) else if (base_dir != NULL && strcasecmp(opt_name, "include_if_exists") == 0)
{ {
if (!ProcessConfigFile(base_dir, opt_value, config_file, if (!ProcessConfigFile(base_dir, opt_value, config_file,
false, contents, false, depth + 1, contents,
error_list, warning_list)) error_list, warning_list))
OK = false; OK = false;
@@ -277,7 +290,7 @@ ProcessConfigFp(FILE *fp, const char *config_file, const char *calling_file, con
else if (base_dir != NULL && strcasecmp(opt_name, "include") == 0) else if (base_dir != NULL && strcasecmp(opt_name, "include") == 0)
{ {
if (!ProcessConfigFile(base_dir, opt_value, config_file, if (!ProcessConfigFile(base_dir, opt_value, config_file,
true, contents, true, depth + 1, contents,
error_list, warning_list)) error_list, warning_list))
OK = false; OK = false;
@@ -370,7 +383,7 @@ cleanup:
* See ProcessConfigFp for further details. * See ProcessConfigFp for further details.
*/ */
static bool static bool
ProcessConfigDirectory(const char *base_dir, const char *includedir, const char *calling_file, KeyValueList *contents, ItemList *error_list, ItemList *warning_list) ProcessConfigDirectory(const char *base_dir, const char *includedir, const char *calling_file, int depth, KeyValueList *contents, ItemList *error_list, ItemList *warning_list)
{ {
char *directory; char *directory;
DIR *d; DIR *d;
@@ -471,7 +484,7 @@ ProcessConfigDirectory(const char *base_dir, const char *includedir, const char
for (i = 0; i < num_filenames; i++) for (i = 0; i < num_filenames; i++)
{ {
if (!ProcessConfigFile(base_dir, filenames[i], calling_file, if (!ProcessConfigFile(base_dir, filenames[i], calling_file,
true, contents, true, depth, contents,
error_list, warning_list)) error_list, warning_list))
{ {
status = false; status = false;