[ruby/prism] Support a max depth to protect against malicious payloads

https://github.com/ruby/prism/commit/a474017bbe
2024-09-24 12:52:39 -04:00 · 2024-09-24 12:52:39 -04:00 · 57688cd625
--- a/prism/config.yml
+++ b/prism/config.yml
@ -185,6 +185,7 @@ errors:
  - MODULE_TERM
  - MULTI_ASSIGN_MULTI_SPLATS
  - MULTI_ASSIGN_UNEXPECTED_REST
+  - NESTING_TOO_DEEP
  - NO_LOCAL_VARIABLE
  - NOT_EXPRESSION
  - NUMBER_LITERAL_UNDERSCORE
--- a/prism/defines.h
+++ b/prism/defines.h
@ -25,6 +25,15 @@
 #define __STDC_FORMAT_MACROS
 #include <inttypes.h>

+/**
+ * When we are parsing using recursive descent, we want to protect against
+ * malicious payloads that could attempt to crash our parser. We do this by
+ * specifying a maximum depth to which we are allowed to recurse.
+ */
+#ifndef PRISM_DEPTH_MAXIMUM
+    #define PRISM_DEPTH_MAXIMUM 1000
+#endif
+
 /**
 * By default, we compile with -fvisibility=hidden. When this is enabled, we
 * need to mark certain functions as being publically-visible. This macro does
@ -212,4 +221,28 @@
    #define PRISM_ENCODING_EXCLUDE_FULL
 #endif

+/**
+ * Support PRISM_LIKELY and PRISM_UNLIKELY to help the compiler optimize its
+ * branch predication.
+ */
+#if defined(__GNUC__) || defined(__clang__)
+    /** The compiler should predicate that this branch will be taken. */
+    #define PRISM_LIKELY(x) __builtin_expect(!!(x), 1)
+
+    /** The compiler should predicate that this branch will not be taken. */
+    #define PRISM_UNLIKELY(x) __builtin_expect(!!(x), 0)
+#elif defined(_MSC_VER) && (_MSC_VER >= 1400)
+    /** The compiler should predicate that this branch will be taken. */
+    #define PRISM_LIKELY(x) __assume((x))
+
+    /** The compiler should predicate that this branch will not be taken. */
+    #define PRISM_UNLIKELY(x) __assume(!(x))
+#else
+    /** Void because this platform does not support branch prediction hints. */
+    #define PRISM_LIKELY(x)   (x)
+
+    /** Void because this platform does not support branch prediction hints. */
+    #define PRISM_UNLIKELY(x) (x)
+#endif
+
 #endif
--- a/prism/prism.c
+++ b/prism/prism.c
--- a/prism/templates/src/diagnostic.c.erb
+++ b/prism/templates/src/diagnostic.c.erb
@ -267,8 +267,9 @@ static const pm_diagnostic_data_t diagnostic_messages[PM_DIAGNOSTIC_ID_MAX] = {
    [PM_ERR_MODULE_TERM]                        = { "expected an `end` to close the `module` statement", PM_ERROR_LEVEL_SYNTAX },
    [PM_ERR_MULTI_ASSIGN_MULTI_SPLATS]          = { "multiple splats in multiple assignment", PM_ERROR_LEVEL_SYNTAX },
    [PM_ERR_MULTI_ASSIGN_UNEXPECTED_REST]       = { "unexpected '%.*s' resulting in multiple splats in multiple assignment", PM_ERROR_LEVEL_SYNTAX },
-    [PM_ERR_NOT_EXPRESSION]                     = { "expected an expression after `not`", PM_ERROR_LEVEL_SYNTAX },
+    [PM_ERR_NESTING_TOO_DEEP]                   = { "nesting too deep", PM_ERROR_LEVEL_SYNTAX },
    [PM_ERR_NO_LOCAL_VARIABLE]                  = { "%.*s: no such local variable", PM_ERROR_LEVEL_SYNTAX },
+    [PM_ERR_NOT_EXPRESSION]                     = { "expected an expression after `not`", PM_ERROR_LEVEL_SYNTAX },
    [PM_ERR_NUMBER_LITERAL_UNDERSCORE]          = { "number literal ending with a `_`", PM_ERROR_LEVEL_SYNTAX },
    [PM_ERR_NUMBERED_PARAMETER_INNER_BLOCK]     = { "numbered parameter is already used in inner block", PM_ERROR_LEVEL_SYNTAX },
    [PM_ERR_NUMBERED_PARAMETER_IT]              = { "numbered parameters are not allowed when 'it' is already used", PM_ERROR_LEVEL_SYNTAX },