Restrict deep nesting of configfiles

There is no point in restricting the number of included config-
files, but there is a point in restricting the nestinglevel
of configfiles: to avoid recursive inclusions. This is easily
achieved by decrementing the static nesting-variable upon exit
from cgit_read_config().

Also fix some whitespace breakage.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>

1 files changed, 6 insertions, 4 deletions

diff --git a/parsing.c b/parsing.c
index 8e15e5a..36b0f0c 100644
--- a/parsing.c
+++ b/parsing.c
@@ -70,13 +70,15 @@ int cgit_read_config(const char *filename, configfn fn)
 	const char *value;
 	FILE *f;
 
-	/* cancel the reading of yet another configfile after 16 invocations */
-	if (nesting++ > 16)
+	/* cancel deeply nested include-commands */
+	if (nesting > 8)
 		return -1;
 	if (!(f = fopen(filename, "r")))
 		return -1;
+	nesting++;
 	while((len = read_config_line(f, line, &value, sizeof(line))) > 0)
 		(*fn)(line, value);
+	nesting--;
 	fclose(f);
 	return 0;
 }
@@ -108,7 +110,7 @@ int cgit_parse_query(char *txt, configfn fn)
 		return 0;
 
 	t = txt = xstrdup(txt);
- 
+
 	while((c=*t) != '\0') {
 		if (c=='=') {
 			*t = '\0';
@@ -213,7 +215,7 @@ struct taginfo *cgit_parse_tag(struct tag *tag)
 		free(data);
 		return 0;
 	}
-	
+
 	ret = xmalloc(sizeof(*ret));
 	ret->tagger = NULL;
 	ret->tagger_email = NULL;