Make sources responsible for respecting UPB_MAX_NESTING.

15 years ago · 87de804b63
parent dda1499a0e
commit 87de804b63
3 changed files with 6 additions and 16 deletions
--- a/src/upb_data.c
+++ b/src/upb_data.c
@ -366,7 +366,7 @@ typedef struct {
 struct upb_msgsink {
  upb_sink base;
  upb_msgdef *toplevel_msgdef;
-  upb_msgsink_frame stack[UPB_MAX_NESTING], *top, *limit;
+  upb_msgsink_frame stack[UPB_MAX_NESTING], *top;
 };

 /* Helper function that returns a pointer to where the next value for field "f"
@ -432,16 +432,11 @@ static upb_sink_status _upb_msgsink_strcb(upb_sink *s, upb_fielddef *f,
 static upb_sink_status _upb_msgsink_startcb(upb_sink *s, upb_fielddef *f,
                                            upb_status *status)
 {
+  (void)status;  // No detectable errors can occur.
  upb_msgsink *ms = (upb_msgsink*)s;
  upb_msg *oldmsg = ms->top->msg;
  upb_valueptr p = get_valueptr(oldmsg, f);
  ms->top++;
-  if(ms->top == ms->limit) {
-    upb_seterr(status, UPB_ERROR_MAX_NESTING_EXCEEDED,
-               "Nesting exceeded maximum (%d levels)\n",
-               UPB_MAX_NESTING);
-    return UPB_SINK_STOP;
-  }

  if(upb_isarray(f) || !upb_msg_has(oldmsg, f)) {
    upb_msgdef *md = upb_downcast_msgdef(f->def);
@ -500,7 +495,6 @@ upb_sink *upb_msgsink_sink(upb_msgsink *sink)
 void upb_msgsink_reset(upb_msgsink *ms, upb_msg *msg)
 {
  ms->top = ms->stack;
-  ms->limit = ms->stack + UPB_MAX_NESTING;
  ms->top->msg = msg;
  ms->top->md = ms->toplevel_msgdef;
 }
--- a/src/upb_encoder.c
+++ b/src/upb_encoder.c
@ -236,7 +236,7 @@ struct upb_sizebuilder {
  uint32_t size;

  // Stack of sizes for our current nesting.
-  uint32_t stack[UPB_MAX_NESTING], *top, *limit;
+  uint32_t stack[UPB_MAX_NESTING], *top;

  // Vector of sizes.
  uint32_t *sizes;
@ -280,18 +280,13 @@ static upb_sink_status _upb_sizebuilder_strcb(upb_sink *sink, upb_fielddef *f,
 static upb_sink_status _upb_sizebuilder_startcb(upb_sink *sink, upb_fielddef *f,
                                                upb_status *status)
 {
+  (void)status;
  (void)f;  // Unused (we calculate tag size and delimiter in endcb).
  upb_sizebuilder *sb = (upb_sizebuilder*)sink;
  if(f->type == UPB_TYPE(MESSAGE)) {
    *sb->top = sb->size;
    sb->top++;
    sb->size = 0;
-    if(sb->top == sb->limit) {
-      upb_seterr(status, UPB_ERROR_MAX_NESTING_EXCEEDED,
-                 "Nesting exceeded maximum (%d levels)\n",
-                 UPB_MAX_NESTING);
-      return UPB_SINK_STOP;
-    }
  } else {
    assert(f->type == UPB_TYPE(GROUP));
    sb->size += _upb_get_tag_size(f->number);
--- a/src/upb_sink.h
+++ b/src/upb_sink.h
@ -85,7 +85,8 @@ typedef upb_sink_status (*upb_str_cb)(upb_sink *s, upb_fielddef *f,
                                      upb_status *status);

 // The start and end callbacks are called when a submessage begins and ends,
-// respectively.
+// respectively.  The caller is responsible for ensuring that the nesting
+// level never exceeds UPB_MAX_NESTING.
 typedef upb_sink_status (*upb_start_cb)(upb_sink *s, upb_fielddef *f,
                                        upb_status *status);
 typedef upb_sink_status (*upb_end_cb)(upb_sink *s, upb_fielddef *f,