Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use a loop to evaluate binary comparisions to avoid recursion #891

Merged
merged 1 commit into from
May 10, 2017
Merged

Use a loop to evaluate binary comparisions to avoid recursion #891

merged 1 commit into from
May 10, 2017
+19 −9

Conversation

dylanahsmith
Copy link
Contributor

Fixes #890

Problem

Running the following script results in a SystemStackError due to the recursive method calls used to evaluate conditions

require 'liquid'

code = "{% if true "
code << "and true " * 50_000
code << "%}rendered{% endif %}"
puts Liquid::Template.parse(code).render

Solution

Use a loop to evaluate the conditions, where local variables keep track of the current state, including a condition variable that is used instead of self to evaluate child conditions.

@dylanahsmith
Use a loop to evaluate binary comparisions to avoid recursion
21d267c 
Using recursion allows a malicious template to cause a SystemStackError
@dylanahsmith dylanahsmith requested review from fw42 and ph3t May 9, 2017 20:46
@dylanahsmith dylanahsmith mentioned this pull request May 9, 2017
Merged
@fw42
Copy link
Contributor

fw42 commented May 9, 2017

I guess it's a bit tricky to write a regression test for this?

fw42
fw42 approved these changes May 9, 2017
View reviewed changes
Copy link
Contributor

@fw42 fw42 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is smart, thanks Dylan! ❤️

@dylanahsmith
Copy link
Contributor Author

The tricky part of writing the regression test would be determining the size of the condition chain needed to cause a SystemStackError with the recursive version of the code. Even after getting that right it would end up being a slow test in our test suite.

ph3t
ph3t approved these changes May 9, 2017
View reviewed changes
Copy link

@ph3t ph3t left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@dylanahsmith dylanahsmith merged commit 8928454 into master May 10, 2017
@dylanahsmith dylanahsmith deleted the loop-eval-conditions branch May 10, 2017 14:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fw42 fw42

@ph3t ph3t

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@dylanahsmith @fw42 @ph3t