From 7d0c56c2879861e97e0c8af6daa16fa3b945eec4 Mon Sep 17 00:00:00 2001
From: wolfbeast
Date: Thu, 15 Jun 2017 16:38:41 +0200
Subject: Restrict XML file recursion depth to 200. This resolves #2.
---
 parser/htmlparser/nsExpatDriver.h | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'parser/htmlparser/nsExpatDriver.h')
diff --git a/parser/htmlparser/nsExpatDriver.h b/parser/htmlparser/nsExpatDriver.h
index 1bf022ade..0d62bd09d 100644
--- a/parser/htmlparser/nsExpatDriver.h
+++ b/parser/htmlparser/nsExpatDriver.h
@@ -16,6 +16,9 @@
 #include "nsIParser.h"
 #include "nsCycleCollectionParticipant.h"

+// Tree depth limit for XML-based files (xml/svg/etc.)
+#define MAX_XML_TREE_DEPTH 200
+
 class nsIExpatSink;
 class nsIExtendedExpatSink;
 struct nsCatalogData;
@@ -37,7 +40,7 @@ public:
 const char16_t *aBase,
 const char16_t *aSystemId,
 const char16_t *aPublicId);
- nsresult HandleStartElement(const char16_t *aName, const char16_t **aAtts);
+ void HandleStartElement(const char16_t *aName, const char16_t **aAtts);
 nsresult HandleEndElement(const char16_t *aName);
 nsresult HandleCharacterData(const char16_t *aCData, const uint32_t aLength);
 nsresult HandleComment(const char16_t *aName);
@@ -119,6 +122,8 @@ private:
 // Whether we're sure that we won't be getting more buffers to parse from
 // Necko
 bool mIsFinalChunk;
+
+ uint8_t mTagDepth;

 nsresult mInternalState;

--
cgit v1.2.3
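Review bot: `MAX_XML_TREE_DEPTH` in the first hunk is an untyped macro with nothing tying it to the `uint8_t mTagDepth` counter added in the last hunk of this file, so raising the limit above 255 later would still compile while the counter could never reach it and the depth guard would silently stop firing. A compile-time check next to the define would pin the relationship, e.g. `static_assert(MAX_XML_TREE_DEPTH <= 255, "MAX_XML_TREE_DEPTH must fit in mTagDepth (uint8_t)");`, or the member could be widened instead. The comment on the define could also state what the parser does when the limit is reached; that behaviour lives in the .cpp, which this path-limited patch does not show.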
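Review bot: `HandleStartElement` now returns `void` in the second hunk while `HandleEndElement`, `HandleCharacterData` and `HandleComment` right below it still return `nsresult`, so a start tag rejected for exceeding the depth limit can no longer be reported through the return value. Presumably the implementation records the failure in `mInternalState` and stops the parser, but that code is outside this header-only view and should be confirmed, along with every caller that used to check the result. A short comment on the declaration would make the contract explicit, for example `// Failure (including depth-limit rejection) is recorded internally, not returned.`, with the wording adjusted to what the .cpp actually does. The enclosing class starts and ends outside the hunk.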
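Review bot: `mTagDepth` in the third hunk is added with no comment and no visible initializer, unlike the documented `mIsFinalChunk` just above it. The constructor is outside this patch, so it is worth confirming the counter starts at 0 there, since an indeterminate start value would make the limit trip unpredictably or not at all. It is also worth checking in the .cpp that each increment has a matching decrement on end-element and that the counter stops advancing once the limit is hit, because a `uint8_t` wraps at 256. Suggested comment: `// Current element nesting depth, checked against MAX_XML_TREE_DEPTH.` The enclosing class body continues outside the hunk.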