From b11b31495b7204fa954427344149f5b5d150abd6 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 27 Apr 2009 18:10:14 +0200 Subject: [PATCH] s3:loadparm: prevent infinite include nesting. This introduces a hard coded MAX_INCLUDE_DEPTH of 100. When this is exceeded, handle_include (and hence lp_load) fails. One could of course implement a more intelligent loop detection in the include-tree, but this would require some restructuring of the internal loadparm housekeeping. Maybe as a second improvement step. Michael --- source/param/loadparm.c | 21 +++++++++++++++++++-- 1 files changed, 19 insertions(+), 2 deletions(-) diff --git a/source/param/loadparm.c b/source/param/loadparm.c index d402087..72220c6 100644 --- a/source/param/loadparm.c +++ b/source/param/loadparm.c @@ -6689,6 +6689,10 @@ done: return ret; } +#define MAX_INCLUDE_DEPTH 100 + +static uint8_t include_depth; + static struct file_lists { struct file_lists *next; char *name; @@ -6876,12 +6880,22 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) { char *fname; + if (include_depth >= MAX_INCLUDE_DEPTH) { + DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n", + include_depth)); + return false; + } + if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) { if (!bAllowIncludeRegistry) { return true; } if (bInGlobalSection) { - return process_registry_globals(); + bool ret; + include_depth++; + ret = process_registry_globals(); + include_depth--; + return ret; } else { DEBUG(1, ("\"include = registry\" only effective " "in %s section\n", GLOBAL_NAME)); @@ -6898,7 +6912,10 @@ static bool handle_include(int snum, const char *pszParmValue, char **ptr) string_set(ptr, fname); if (file_exist(fname, NULL)) { - bool ret = pm_process(fname, do_section, do_parameter, NULL); + bool ret; + include_depth++; + ret = pm_process(fname, do_section, do_parameter, NULL); + include_depth--; SAFE_FREE(fname); return ret; } -- 1.6.0.2