texlive[67969] Build/source/texk/web2c/alephdir: aleph: introduce

commits+hironobu at tug.org commits+hironobu at tug.org
Fri Aug 18 17:42:55 CEST 2023 

Revision: 67969
          http://tug.org/svn/texlive?view=revision&revision=67969
Author:   hironobu
Date:     2023-08-18 17:42:55 +0200 (Fri, 18 Aug 2023)
Log Message:
-----------
aleph: introduce expand_depth to avoid overflow
based on tex-k list 2020-05-27

Modified Paths:
--------------
    trunk/Build/source/texk/web2c/alephdir/ChangeLog
    trunk/Build/source/texk/web2c/alephdir/com16bit.ch
    trunk/Build/source/texk/web2c/alephdir/comsrcspec.ch
    trunk/Build/source/texk/web2c/alephdir/eobase.ch

Modified: trunk/Build/source/texk/web2c/alephdir/ChangeLog
===================================================================
--- trunk/Build/source/texk/web2c/alephdir/ChangeLog	2023-08-18 15:11:05 UTC (rev 67968)
+++ trunk/Build/source/texk/web2c/alephdir/ChangeLog	2023-08-18 15:42:55 UTC (rev 67969)
@@ -1,3 +1,10 @@
+2023-08-18  Hironobu Yamashita <h.y.acetaminophen at gmail.com>
+
+	* com16bit.ch: Sync with tex.ch changes:
+	  - 2008-01-02 r6024 introduce expand_depth.
+	* eobase.ch: Sync with etex.ch changes:
+	  - 2021-02-22 r57850 avoid "expansion depth" overflow.
+
 2023-03-09  Karl Berry  <karl at tug.org>
 
 	* TL'23 release.

Modified: trunk/Build/source/texk/web2c/alephdir/com16bit.ch
===================================================================
--- trunk/Build/source/texk/web2c/alephdir/com16bit.ch	2023-08-18 15:11:05 UTC (rev 67968)
+++ trunk/Build/source/texk/web2c/alephdir/com16bit.ch	2023-08-18 15:42:55 UTC (rev 67969)
@@ -230,6 +230,9 @@
 
 @!sup_hyph_size = ssup_hyph_size;
 @!inf_hyph_size = iinf_hyphen_size; {Must be not less than |hyph_prime|!}
+
+@!inf_expand_depth = 10;
+@!sup_expand_depth = 10000000;
 @z
 
 @x [1.12] l.427 - Constants that are WEB numeric macros.
@@ -466,6 +469,7 @@
 @!save_size:integer; {space for saving values outside of current group; must be
   at most |max_halfword|}
 @!dvi_buf_size:integer; {size of the output buffer; must be a multiple of 8}
+@!expand_depth:integer; {limits recursive calls to the |expand| procedure}
 @!quoted_filename:boolean; {current filename is quoted}
 @z
 
@@ -1039,6 +1043,22 @@
 source_filename_stack[0]:=0;full_source_filename_stack[0]:=0;
 @z
 
+ at x [25.366] l.7672 - expansion depth overflow
+begin cv_backup:=cur_val; cvl_backup:=cur_val_level; radix_backup:=radix;
+ at y
+begin
+incr(expand_depth_count);
+if expand_depth_count>=expand_depth then overflow("expansion depth",expand_depth);
+cv_backup:=cur_val; cvl_backup:=cur_val_level; radix_backup:=radix;
+ at z
+
+ at x [25.366] l.7678 - expansion depth overflow
+cur_order:=co_backup; link(backup_head):=backup_backup;
+ at y
+cur_order:=co_backup; link(backup_head):=backup_backup;
+decr(expand_depth_count);
+ at z
+
 % Original report: https://tex.stackexchange.com/questions/609423
 % TeX bug entry: https://tug.org/texmfbug/newbug.html#B155endwrite
 @x [25.369] l.7717 - disallow \noexpand\endwrite
@@ -2564,6 +2584,7 @@
   setup_bound_var (79)('error_line')(error_line);
   setup_bound_var (50)('half_error_line')(half_error_line);
   setup_bound_var (79)('max_print_line')(max_print_line);
+  setup_bound_var (10000)('expand_depth')(expand_depth);
   const_chk (main_memory);
 @+init
   if ini_version then begin
@@ -3021,5 +3042,27 @@
     get_nullstr := "";
 end;
 
+
+@* \[54/web2c] More changes for Web2c.
+% Related to [25.366] expansion depth check
+Sometimes, recursive calls to the |expand| routine may
+cause exhaustion of the run-time calling stack, resulting in
+forced execution stops by the operating system. To diminish the chance
+of this happening, a counter is used to keep track of the recursion
+depth, in conjunction with a constant called |expand_depth|.
+
+This does not catch all possible infinite recursion loops, just the ones
+that exhaust the application calling stack. The actual maximum value of
+|expand_depth| is outside of our control, but the initial setting of
+|10000| should be enough to prevent problems.
+@^system dependencies@>
+
+@<Global...@>=
+expand_depth_count:integer;
+
+@ @<Set init...@>=
+expand_depth_count:=0;
+
+
 @* \[54] System-dependent changes.
 @z

Modified: trunk/Build/source/texk/web2c/alephdir/comsrcspec.ch
===================================================================
--- trunk/Build/source/texk/web2c/alephdir/comsrcspec.ch	2023-08-18 15:11:05 UTC (rev 67968)
+++ trunk/Build/source/texk/web2c/alephdir/comsrcspec.ch	2023-08-18 15:42:55 UTC (rev 67969)
@@ -1,8 +1,6 @@
 @x
-@!dvi_buf_size:integer; {size of the output buffer; must be a multiple of 8}
 @!quoted_filename:boolean; {current filename is quoted}
 @y
-@!dvi_buf_size:integer; {size of the output buffer; must be a multiple of 8}
 @!quoted_filename:boolean; {current filename is quoted}
 @!special_loc:pointer;
 @!special_token:halfword;

Modified: trunk/Build/source/texk/web2c/alephdir/eobase.ch
===================================================================
--- trunk/Build/source/texk/web2c/alephdir/eobase.ch	2023-08-18 15:11:05 UTC (rev 67968)
+++ trunk/Build/source/texk/web2c/alephdir/eobase.ch	2023-08-18 15:42:55 UTC (rev 67969)
@@ -3586,7 +3586,10 @@
 @!p:pointer; {top of expression stack}
 @!q:pointer; {for stack manipulations}
 begin l:=cur_val_level; a:=arith_error; b:=false; p:=null;
+incr(expand_depth_count);
+if expand_depth_count>=expand_depth then overflow("expansion depth",expand_depth);
 @<Scan and evaluate an expression |e| of type |l|@>;
+decr(expand_depth_count);
 if b then
   begin print_err("Arithmetic overflow");
 @.Arithmetic overflow@>

More information about the tex-live-commits mailing list.