From bcce31b548870c323747085676f118b5b46ed234 Mon Sep 17 00:00:00 2001 From: chriseth Date: Mon, 14 Aug 2017 18:58:56 +0200 Subject: Tests for recursion exploit in parser. --- test/libsolidity/SolidityParser.cpp | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'test') diff --git a/test/libsolidity/SolidityParser.cpp b/test/libsolidity/SolidityParser.cpp index 75cad8d9..23276fcd 100644 --- a/test/libsolidity/SolidityParser.cpp +++ b/test/libsolidity/SolidityParser.cpp @@ -1363,6 +1363,30 @@ BOOST_AUTO_TEST_CASE(conditional_with_assignment) BOOST_CHECK(successParse(text)); } +BOOST_AUTO_TEST_CASE(recursion_depth1) +{ + string text("contract C { bytes"); + for (size_t i = 0; i < 30000; i++) + text += "["; + CHECK_PARSE_ERROR(text.c_str(), "Maximum recursion depth reached during parsing"); +} + +BOOST_AUTO_TEST_CASE(recursion_depth2) +{ + string text("contract C { function f() {"); + for (size_t i = 0; i < 30000; i++) + text += "{"; + CHECK_PARSE_ERROR(text, "Maximum recursion depth reached during parsing"); +} + +BOOST_AUTO_TEST_CASE(recursion_depth3) +{ + string text("contract C { function f() { uint x = f("); + for (size_t i = 0; i < 30000; i++) + text += "("; + CHECK_PARSE_ERROR(text, "Maximum recursion depth reached during parsing"); +} + BOOST_AUTO_TEST_CASE(declaring_fixed_and_ufixed_variables) { char const* text = R"( -- cgit v1.2.3 From 32e43477c336c9180eedd6ad968595e33ecde704 Mon Sep 17 00:00:00 2001 From: chriseth Date: Mon, 14 Aug 2017 18:59:17 +0200 Subject: Prevent too deep recursion in parser. --- test/libsolidity/SolidityParser.cpp | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'test') diff --git a/test/libsolidity/SolidityParser.cpp b/test/libsolidity/SolidityParser.cpp index 23276fcd..30dc80d9 100644 --- a/test/libsolidity/SolidityParser.cpp +++ b/test/libsolidity/SolidityParser.cpp @@ -1387,6 +1387,18 @@ BOOST_AUTO_TEST_CASE(recursion_depth3) CHECK_PARSE_ERROR(text, "Maximum recursion depth reached during parsing"); } +BOOST_AUTO_TEST_CASE(recursion_depth4) +{ + string text("contract C { function f() { uint a;"); + for (size_t i = 0; i < 30000; i++) + text += "("; + text += "a"; + for (size_t i = 0; i < 30000; i++) + text += "++)"; + text += "}}"; + CHECK_PARSE_ERROR(text, "Maximum recursion depth reached during parsing"); +} + BOOST_AUTO_TEST_CASE(declaring_fixed_and_ufixed_variables) { char const* text = R"( -- cgit v1.2.3