diff --git a/CHANGELOG.md b/CHANGELOG.md
index bfc7788..895a749 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,7 +3,8 @@
 ### Improvements
 ### Changes
+- Adds a default of 2 million for max evaluated expressions.
 ### Fixed
-### Security
\ No newline at end of file
+### Security
diff --git a/bexpr.go b/bexpr.go
index 4b5a35c..de7c5e8 100644
--- a/bexpr.go
+++ b/bexpr.go
@@ -32,6 +32,7 @@ type Evaluator struct {
 // CreateEvaluator is used to create and configure a new Evaluator, the expression
 // will be used by the evaluator when evaluating against any supplied datum.
+// By default the evaluator will error after 2 million expressions.
 // The following Option types are supported:
 // WithHookFn, WithMaxExpressions, WithTagName, WithUnknownValue.
 func CreateEvaluator(expression string, opts ...Option) (*Evaluator, error) {
@@ -39,6 +40,9 @@ func CreateEvaluator(expression string, opts ...Option) (*Evaluator, error) {
 var parserOpts []grammar.Option
 if parsedOpts.withMaxExpressions != 0 {
 parserOpts = append(parserOpts, grammar.MaxExpressions(parsedOpts.withMaxExpressions))
+ } else {
+ // Use sane default as large expressions consume significant memory
+ parserOpts = append(parserOpts, grammar.MaxExpressions(2000000))
 }
 ast, err := grammar.Parse("", []byte(expression), parserOpts...)
diff --git a/bexpr_test.go b/bexpr_test.go
index 3e0898f..2f11b94 100644
--- a/bexpr_test.go
+++ b/bexpr_test.go
@@ -21,18 +21,23 @@ func TestCreateEvaluator(t *testing.T) {
 "basic": {
 expression: "foo == 3",
 },
+ "default max expressions": {
+ expression: "((((((((foo == 1))))))))",
+ // typo in pigeon code-gen
+ err: "max number of expresssions parsed",
+ },
 }
 for name, tcase := range tests {
- name := name
- tcase := tcase
 t.Run(name, func(t *testing.T) {
 t.Parallel()
-
 expr, err := CreateEvaluator(tcase.expression)
 if tcase.err == "" {
 require.NoError(t, err)
 require.NotNil(t, expr)
+ } else {
+ require.Error(t, err)
+ require.Contains(t, err.Error(), tcase.err)
 }
 })
 }
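Review bot: The sentence added to the CreateEvaluator doc comment in bexpr.go (hunk `@@ -32,6 +32,7 @@`) says the evaluator will error after 2 million expressions, but the limit is passed to `grammar.Parse`, so it is CreateEvaluator itself that fails, at parse time. The figure also appears to count parser expression evaluations rather than clauses in the caller's expression, since the test added in this commit expects an eight-level parenthesised `foo == 1` to hit the default. I would word it as `// By default parsing fails once the parser has evaluated 2 million grammar expressions;` followed by `// use WithMaxExpressions to set a different limit.`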
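Review bot: The default in the new `else` branch of CreateEvaluator (bexpr.go, hunk `@@ -39,6 +40,9 @@`) is a bare literal that duplicates the figure in the doc comment and the changelog; a named constant keeps them from drifting: `const defaultMaxExpressions = 2000000` and `grammar.MaxExpressions(defaultMaxExpressions)`. Because the branch is keyed on `withMaxExpressions != 0`, a caller passing 0 now gets the default rather than no limit, which is the safer behaviour for untrusted expressions but should be stated on WithMaxExpressions. The limit bounds parser work, not input size, so callers accepting expressions from untrusted sources presumably still need their own length cap. CreateEvaluator's body continues outside the hunk.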
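Review bot: Dropping `name := name` and `tcase := tcase` in bexpr_test.go while the subtest still calls `t.Parallel()` is only safe with Go 1.22 per-iteration loop variables; the module's `go` directive is not visible here, and on an older language version every parallel subtest would read the last table entry. Either confirm go.mod declares `go 1.22` or later, or keep the two shadowing lines. The new case also pins the misspelled generated message `max number of expresssions parsed`, so regenerating the parser with the typo fixed will break it; matching a shorter fragment such as `max number of` would be less brittle. TestCreateEvaluator starts and ends outside the hunk.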