Add explicit recursion limits to avoid stack overflows (#420)

* Explicit recursion limit during deserializing * Explicit recursion limit during serializing * Added CHANGELOG entry
ron-rs · Oct 12, 2022 · 562963f · 562963f
1 parent 0c32f8d
commit 562963f
Show file tree

Hide file tree

Showing 8 changed files with 224 additions and 111 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Add `ron::value::RawValue` helper type which can (de)serialize any valid RON ([#407](https://github.com/ron-rs/ron/pull/407))
 - Fix issue [#410](https://github.com/ron-rs/ron/issues/410) trailing comma parsing in tuples and `Some` ([#412](https://github.com/ron-rs/ron/pull/412))
 - Error instead of panic when deserializing non-identifiers as field names ([#415](https://github.com/ron-rs/ron/pull/415))
+- Breaking: Fix issue [#307](https://github.com/ron-rs/ron/issues/307) stack overflow with explicit recursion limits in serialising and deserialising ([#420](https://github.com/ron-rs/ron/pull/420))
 
 ## [0.8.0] - 2022-08-17
 

diff --git a/fuzz/Cargo.lock b/fuzz/Cargo.lock
diff --git a/fuzz/fuzz_targets/from_str.rs b/fuzz/fuzz_targets/from_str.rs
@@ -2,5 +2,7 @@
 use libfuzzer_sys::fuzz_target;
 
 fuzz_target!(|data: &str| {
-    let _ = ron::from_str::<ron::Value>(data);
+    if let Ok(value) = ron::from_str::<ron::Value>(data) {
+        let _ = ron::to_string(&value);
+    }
 });