Test for CVE-2017-5950

2020-01-20 15:25:05 +00:00 · 2020-01-20 15:25:05 +00:00 · d8934a4358
commit d8934a4358
parent 9b8f35093e
1 changed files with 13 additions and 0 deletions
--- a/test/parser_test.cpp
+++ b/test/parser_test.cpp
@ -1,9 +1,11 @@
 #include "yaml-cpp/parser.h"
+#include "yaml-cpp/exceptions.h"
 #include "mock_event_handler.h"
 #include "gtest/gtest.h"

 using YAML::Parser;
 using YAML::MockEventHandler;
+using ::testing::NiceMock;
 using ::testing::StrictMock;

 TEST(ParserTest, Empty) {
@ -14,3 +16,14 @@ TEST(ParserTest, Empty) {
    StrictMock<MockEventHandler> handler;
    EXPECT_FALSE(parser.HandleNextDocument(handler));
 }
+
+TEST(ParserTest, CVE_2017_5950) {
+    std::string excessive_recursion;
+    for (auto i = 0; i != 16384; ++i)
+        excessive_recursion.push_back('[');
+    std::istringstream input{excessive_recursion};
+    Parser parser{input};
+
+    NiceMock<MockEventHandler> handler;
+    EXPECT_THROW(parser.HandleNextDocument(handler), YAML::ParserException);
+}