yaml-cpp icon indicating copy to clipboard operation
yaml-cpp copied to clipboard

Published 20 hours ago verified publisher icon jbeder

fix(src): avoid possible infinite loop in LoadAll().

Open FedeDP opened this issue 1 year ago • 4 comments

Leave at first empty root.

This avoids an infinite loop in case of HandleNextDocument returning true even if the document has errors, basically because no token.type gets matched in SingleDocParser::HandleNode, leading to eventHandler.OnNull(mark, anchor); being called indefinitely at each iteration, pushing a null node to documents vector.

Another solution would be to add a m_scanner.pop(); in the default switch case in SingleDocParser::HandleNode to make sure we always consume the current token.

The behavior causes this issue: https://github.com/falcosecurity/falco/issues/3281

Easily reproducible with a simple c++ example:

#include <yaml-cpp/yaml.h>

int main() {
    static const std::string yml = R"(
,
    )";
    YAML::LoadAll(yml);
    return 0;
}

FedeDP avatar Sep 12 '24 12:09 FedeDP

Added the test; please note that if #1318 is merged first, i'll need to rebase this PR on master and fix up the test (that will then throw a ParserException obviously). Or if this is merged first, i will need to rebase the other ;)

FedeDP avatar Sep 13 '24 07:09 FedeDP

Merged the other one. Go ahead and rebase this and then ping me.

jbeder avatar Sep 13 '24 08:09 jbeder

@jbeder done! Thanks for the quick response!

FedeDP avatar Sep 13 '24 08:09 FedeDP

Sorry for the ping @jbeder , any news on this one? :) Thanks!

FedeDP avatar Oct 10 '24 13:10 FedeDP

Hey @jbeder

Any update on this?

leogr avatar Oct 29 '24 13:10 leogr