From aad086899c59539e1a783e05b492a6d31941c306 Mon Sep 17 00:00:00 2001
From: Nick Fitzgerald
Date: Thu, 6 Aug 2020 16:03:16 -0700
Subject: [PATCH] peepmatic: Implement maximum nesting level in parser

So that we don't blow the stack.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24705
---
 cranelift/peepmatic/src/parser.rs | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cranelift/peepmatic/src/parser.rs b/cranelift/peepmatic/src/parser.rs
index 95a84c9433..fae87f8974 100644
--- a/cranelift/peepmatic/src/parser.rs
+++ b/cranelift/peepmatic/src/parser.rs
@@ -429,6 +429,13 @@ where
 DynAstRef<'a, TOperator>: From<&'a TOperand>,
 {
 fn parse(p: Parser<'a>) -> ParseResult {
+ // Don't blow the stack with this recursive parser. We don't expect
+ // nesting to ever get very deep, so it isn't worth refactoring this
+ // code to be non-recursive.
+ if p.parens_depth() > 25 {
+ return Err(p.error("module nesting too deep"));
+ }
+
 let span = p.cur_span();
 p.parens(|p| {
 let operator = p.parse()?;
@@ -816,6 +823,9 @@ mod test {
 "$var",
 "$CONST",
 "(ishl $x $(log2 $C))",
+
+ // Nesting too deep.
+ "(iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd (iadd))))))))))))))))))))))))))))))))))))))))))))))))))",
 }
 }
 parse_operation_rhs>> {
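Review bot: The diagnostic `"module nesting too deep"` in the added guard names a module, but this `parse` impl is parsing nested operations (the second hunk feeds it nested `(iadd …)` forms), so the message misnames what was rejected; `return Err(p.error("operation nesting too deep"));` would describe the actual input. The threshold `25` is a bare literal with no name tying it to the test case in the second hunk; a `const MAX_NESTING_DEPTH` with a doc comment saying it is a stack-safety bound for hostile input (not a language limit) keeps the guard and its test in agreement. Whether the file's other recursive `parse` impls (the unquote/precondition forms such as `$(log2 $C)`) pass through this guard cannot be told from the hunk; any that recurse on a separate path need the same check. The body of `parse` continues outside the hunk.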
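Review bot: The added case only shows that depth 50 is rejected, so it never pins the boundary the parser enforces; if the `25` in the guard drifts, this test still passes. A companion accepted case at the deepest permitted nesting and a rejected case one level deeper would lock the threshold, with a comment such as `// One level past the parser's nesting limit.` on the failing one. The list these strings belong to appears to be the error cases, but its macro header and the surrounding `ok`/`err` structure start and end outside the hunk, so where the accepted case would go cannot be seen here.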