summaryrefslogtreecommitdiff
path: root/vendor/gopkg.in/yaml.v2/scannerc.go
diff options
context:
space:
mode:
authordependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>2019-10-04 12:42:38 +0000
committerValentin Rothberg <rothberg@redhat.com>2019-10-04 15:27:36 +0200
commitf418fc70e7fe6e55c95d2130e52dee7f360eeff4 (patch)
tree2031b2033456ecd53f055245847072d6cbcafeb6 /vendor/gopkg.in/yaml.v2/scannerc.go
parent1fe955600979f54ada204afa6c357fd094d6f549 (diff)
downloadpodman-f418fc70e7fe6e55c95d2130e52dee7f360eeff4.tar.gz
podman-f418fc70e7fe6e55c95d2130e52dee7f360eeff4.tar.bz2
podman-f418fc70e7fe6e55c95d2130e52dee7f360eeff4.zip
Bump gopkg.in/yaml.v2 from 2.2.3 to 2.2.4
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.3 to 2.2.4. - [Release notes](https://github.com/go-yaml/yaml/releases) - [Commits](https://github.com/go-yaml/yaml/compare/v2.2.3...v2.2.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Diffstat (limited to 'vendor/gopkg.in/yaml.v2/scannerc.go')
-rw-r--r--vendor/gopkg.in/yaml.v2/scannerc.go16
1 files changed, 16 insertions, 0 deletions
diff --git a/vendor/gopkg.in/yaml.v2/scannerc.go b/vendor/gopkg.in/yaml.v2/scannerc.go
index 077fd1dd2..570b8ecd1 100644
--- a/vendor/gopkg.in/yaml.v2/scannerc.go
+++ b/vendor/gopkg.in/yaml.v2/scannerc.go
@@ -906,6 +906,9 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool {
return true
}
+// max_flow_level limits the flow_level
+const max_flow_level = 10000
+
// Increase the flow level and resize the simple key list if needed.
func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool {
// Reset the simple key on the next level.
@@ -913,6 +916,11 @@ func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool {
// Increase the flow level.
parser.flow_level++
+ if parser.flow_level > max_flow_level {
+ return yaml_parser_set_scanner_error(parser,
+ "while increasing flow level", parser.simple_keys[len(parser.simple_keys)-1].mark,
+ fmt.Sprintf("exceeded max depth of %d", max_flow_level))
+ }
return true
}
@@ -925,6 +933,9 @@ func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool {
return true
}
+// max_indents limits the indents stack size
+const max_indents = 10000
+
// Push the current indentation level to the stack and set the new level
// the current column is greater than the indentation level. In this case,
// append or insert the specified token into the token queue.
@@ -939,6 +950,11 @@ func yaml_parser_roll_indent(parser *yaml_parser_t, column, number int, typ yaml
// indentation level.
parser.indents = append(parser.indents, parser.indent)
parser.indent = column
+ if len(parser.indents) > max_indents {
+ return yaml_parser_set_scanner_error(parser,
+ "while increasing indent level", parser.simple_keys[len(parser.simple_keys)-1].mark,
+ fmt.Sprintf("exceeded max depth of %d", max_indents))
+ }
// Create a token and insert it into the queue.
token := yaml_token_t{