BR 3392667: more reasonable limit for expression descent

Set an expression descent limit to 8192, which is more reasonable to
expect to work on most platforms. Furthermore, if getrlimit() exists,
then try to use it to see if we need to further limit the size.

Signed-off-by: H. Peter Anvin (Intel) <hpa@zytor.com>

8 files changed, 113 insertions, 5 deletions

diff --git a/Makefile.in b/Makefile.in
index 7cc210e2..b510face 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -109,7 +109,7 @@ LIBOBJ = stdlib/snprintf.$(O) stdlib/vsnprintf.$(O) stdlib/strlcpy.$(O) \
 	nasmlib/string.$(O) nasmlib/nctype.$(O) \
 	nasmlib/file.$(O) nasmlib/mmap.$(O) nasmlib/ilog2.$(O) \
 	nasmlib/realpath.$(O) nasmlib/path.$(O) \
-	nasmlib/filename.$(O) \
+	nasmlib/filename.$(O) nasmlib/rlimit.$(O) \
 	nasmlib/zerobuf.$(O) nasmlib/readnum.$(O) nasmlib/bsi.$(O) \
 	nasmlib/rbtree.$(O) nasmlib/hashtbl.$(O) \
 	nasmlib/raa.$(O) nasmlib/saa.$(O) \
diff --git a/asm/nasm.c b/asm/nasm.c
index a30831dc..45490569 100644
--- a/asm/nasm.c
+++ b/asm/nasm.c
@@ -1,6 +1,6 @@
-/* ----------------------------------------------------------------------- *
+ /* ----------------------------------------------------------------------- *
  *
- *   Copyright 1996-2018 The NASM Authors - All Rights Reserved
+ *   Copyright 1996-2020 The NASM Authors - All Rights Reserved
  *   See the file AUTHORS included with the NASM distribution for
  *   the specific copyright holders.
  *
@@ -192,15 +192,27 @@ static const struct limit_info limit_info[LIMIT_MAX+1] = {
     { "macro-tokens", "tokens processed during single-lime macro expansion", 10000000 },
     { "mmacros", "multi-line macros before final return", 100000 },
     { "rep", "%rep count", 1000000 },
-    { "eval", "expression evaluation descent", 1000000},
+    { "eval", "expression evaluation descent", 8192 },
     { "lines", "total source lines processed", 2000000000 }
 };
 
 static void set_default_limits(void)
 {
     int i;
+    size_t rl;
+    int64_t new_limit;
+
     for (i = 0; i <= LIMIT_MAX; i++)
         nasm_limit[i] = limit_info[i].default_val;
+
+    /*
+     * Try to set a sensible default value for the eval depth based
+     * on the limit of the stack size, if knowable...
+     */
+    rl = nasm_get_stack_size_limit();
+    new_limit = rl / (128 * sizeof(void *)); /* Sensible heuristic */
+    if (new_limit < nasm_limit[LIMIT_EVAL])
+        nasm_limit[LIMIT_EVAL] = new_limit;
 }
 
 enum directive_result
diff --git a/config/unconfig.h b/config/unconfig.h
index 4b01eb6e..d01c2b3e 100644
--- a/config/unconfig.h
+++ b/config/unconfig.h
@@ -271,6 +271,9 @@
 /* Define to 1 if you have the `getpagesize' function. */
 /* #undef HAVE_GETPAGESIZE */
 
+/* Define to 1 if you have the `getrlimit' function. */
+/* #undef HAVE_GETRLIMIT */
+
 /* Define to 1 if you have the `getuid' function. */
 /* #undef HAVE_GETUID */
 
@@ -385,6 +388,9 @@
 /* Define to 1 if you have the <sys/param.h> header file. */
 /* #undef HAVE_SYS_PARAM_H */
 
+/* Define to 1 if you have the <sys/resource.h> header file. */
+/* #undef HAVE_SYS_RESOURCE_H */
+
 /* Define to 1 if you have the <sys/stat.h> header file. */
 /* #undef HAVE_SYS_STAT_H */
 
diff --git a/configure.ac b/configure.ac
index 777b364b..85393d03 100644
--- a/configure.ac
+++ b/configure.ac
@@ -159,6 +159,7 @@ AC_CHECK_HEADERS(unistd.h)
 AC_CHECK_HEADERS(sys/mman.h)
 AC_CHECK_HEADERS(sys/types.h)
 AC_CHECK_HEADERS(sys/stat.h)
+AC_CHECK_HEADERS(sys/resource.h)
 
 dnl Checks for library functions.
 AC_CHECK_FUNCS(strcasecmp stricmp)
@@ -172,6 +173,7 @@ AC_CHECK_FUNCS(mempcpy)
 
 AC_CHECK_FUNCS(getuid)
 AC_CHECK_FUNCS(getgid)
+AC_CHECK_FUNCS(getrlimit)
 
 AC_CHECK_FUNCS(realpath)
 AC_CHECK_FUNCS(canonicalize_file_name)
diff --git a/include/compiler.h b/include/compiler.h
index 7c937988..43984338 100644
--- a/include/compiler.h
+++ b/include/compiler.h
@@ -360,6 +360,13 @@ static inline void *mempcpy(void *dst, const void *src, size_t n)
 # endif
 #endif
 
+/*
+ * If SIZE_MAX is not defined, rely on size_t being unsigned
+ */
+#ifndef SIZE_MAX
+# define SIZE_MAX (((size_t)0) - 1)
+#endif
+
 /* Watcom doesn't handle switch statements with 64-bit types, hack around it */
 #ifdef __WATCOMC__
 # define BOGUS_CASE 0x76543210
diff --git a/include/nasmlib.h b/include/nasmlib.h
index c4b4ac4c..e9bfbccf 100644
--- a/include/nasmlib.h
+++ b/include/nasmlib.h
@@ -1,6 +1,6 @@
 /* ----------------------------------------------------------------------- *
  *
- *   Copyright 1996-2019 The NASM Authors - All Rights Reserved
+ *   Copyright 1996-2020 The NASM Authors - All Rights Reserved
  *   See the file AUTHORS included with the NASM distribution for
  *   the specific copyright holders.
  *
@@ -456,4 +456,7 @@ static inline int64_t const_func signed_bits(int64_t value, int bits)
 /* check if value is power of 2 */
 #define is_power2(v)   ((v) && ((v) & ((v) - 1)) == 0)
 
+/* try to get the system stack size */
+extern size_t nasm_get_stack_size_limit(void);
+
 #endif
diff --git a/nasmlib/rlimit.c b/nasmlib/rlimit.c
new file mode 100644
index 00000000..096879f8
--- /dev/null
+++ b/nasmlib/rlimit.c
@@ -0,0 +1,78 @@
+ /* ----------------------------------------------------------------------- *
+ *
+ *   Copyright 2020 The NASM Authors - All Rights Reserved
+ *   See the file AUTHORS included with the NASM distribution for
+ *   the specific copyright holders.
+ *
+ *   Redistribution and use in source and binary forms, with or without
+ *   modification, are permitted provided that the following
+ *   conditions are met:
+ *
+ *   * Redistributions of source code must retain the above copyright
+ *     notice, this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above
+ *     copyright notice, this list of conditions and the following
+ *     disclaimer in the documentation and/or other materials provided
+ *     with the distribution.
+ *
+ *     THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
+ *     CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *     INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ *     MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ *     DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ *     CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ *     SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ *     NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ *     LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ *     HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *     CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ *     OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+ *     EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ * ----------------------------------------------------------------------- */
+
+#include "compiler.h"
+#include "nasmlib.h"
+
+#ifdef HAVE_SYS_RESOURCE_H
+# include <sys/resource.h>
+#endif
+
+#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_STACK)
+
+size_t nasm_get_stack_size_limit(void)
+{
+    struct rlimit rl;
+
+    if (getrlimit(RLIMIT_STACK, &rl))
+        return SIZE_MAX;
+
+# ifdef RLIM_SAVED_MAX
+    if (rl.rlim_cur == RLIM_SAVED_MAX)
+        rl.rlim_cur = rl.rlim_max;
+# endif
+
+    if (
+# ifdef RLIM_INFINITY
+        rl.rlim_cur >= RLIM_INFINITY ||
+# endif
+# ifdef RLIM_SAVED_CUR
+        rl.rlim_cur == RLIM_SAVED_CUR ||
+# endif
+# ifdef RLIM_SAVED_MAX
+        rl.rlim_cur == RLIM_SAVED_MAX ||
+# endif
+        (size_t)rl.rlim_cur != rl.rlim_cur)
+        return SIZE_MAX;
+
+    return rl.rlim_cur;
+}
+
+#else
+
+size_t nasm_get_stack_size_limit(void)
+{
+    return SIZE_MAX;
+}
+
+#endif
diff --git a/test/br3392667.asm b/test/br3392667.asm
new file mode 100644
index 00000000..540cafe9
--- /dev/null
+++ b/test/br3392667.asm