github/hugo
1
0
Fork 0
mirror of https://github.com/gohugoio/hugo.git synced 2024-11-07 20:30:36 -05:00
Code Issues Projects Releases Packages Wiki Activity

identity: Fix potential infinite recursion in server change detection

Browse source 
Fixes #6986
This commit is contained in:
Bjørn Erik Pedersen 2020-02-29 12:05:06 +01:00
parent b0d850321e
commit 6f48146e75
1 changed files with 14 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
identity/identity.go
View file

@ -24,14 +24,24 @@ func NewPathIdentity(typ, pat string) PathIdentity {
// Identities stores identity providers. // Identities stores identity providers.
type Identities map[Identity]Provider type Identities map[Identity]Provider
func (ids Identities) search(id Identity) Provider { func (ids Identities) search(depth int, id Identity) Provider {
if v, found := ids[id]; found {
if v, found := ids[id.GetIdentity()]; found {
return v return v
} }
depth++
// There may be infinite recursion in templates.
if depth > 100 {
// Bail out.
return nil
}
for _, v := range ids { for _, v := range ids {
switch t := v.(type) { switch t := v.(type) {
case IdentitiesProvider: case IdentitiesProvider:
if nested := t.GetIdentities().search(id); nested != nil { if nested := t.GetIdentities().search(depth, id); nested != nil {
return nested return nested
} }
} }
@ -127,5 +137,5 @@ func (im *identityManager) GetIdentities() Identities {
func (im *identityManager) Search(id Identity) Provider { func (im *identityManager) Search(id Identity) Provider {
im.Lock() im.Lock()
defer im.Unlock() defer im.Unlock()
return im.ids.search(id.GetIdentity()) return im.ids.search(0, id.GetIdentity())
} }