You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently we parse the ast, but resource attacks can be executed earlier (when the ast is built)
Is there a way to get the input string first and analyze it?
Or are we able to limit the AST builder in such a way, it cannot be abused? Eg. the stack can be exhausted by high depths before any validation takes place
The text was updated successfully, but these errors were encountered:
Currently we parse the ast, but resource attacks can be executed earlier (when the ast is built)
Is there a way to get the input string first and analyze it?
Or are we able to limit the AST builder in such a way, it cannot be abused? Eg. the stack can be exhausted by high depths before any validation takes place
The text was updated successfully, but these errors were encountered: