tool_parsecfg: detect and error on recursive --config use

The config file parser now has a maximum level of inclusions allowed (5) to detect and prevent recursive inclusions of itself leading to badness. Bonus: clean up return code handling from the config parser. Test 774 verifies Closes #19168
2026-05-30 09:27:30 +03:00 · 2025-10-20 22:46:56 +02:00 · 2025-10-20 22:46:56 +02:00 · 9e198618de
commit 9e198618de
parent b4f57c8045
10 changed files with 72 additions and 32 deletions
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@ -2167,7 +2167,8 @@ static ParameterError opt_bool(struct OperationConfig *config,
 /* opt_file handles file options */
 static ParameterError opt_file(struct OperationConfig *config,
                               const struct LongShort *a,
-                               const char *nextarg)
+                               const char *nextarg,
+                               int max_recursive)
 {
  ParameterError err = PARAM_OK;
  if((nextarg[0] == '-') && nextarg[1]) {
@ -2189,9 +2190,13 @@ static ParameterError opt_file(struct OperationConfig *config,
    GetFileAndPassword(nextarg, &config->cert, &config->key_passwd);
    break;
  case C_CONFIG: /* --config */
-    if(parseconfig(nextarg)) {
-      errorf("cannot read config from '%s'", nextarg);
-      err = PARAM_READ_ERROR;
+    if(--max_recursive < 0) {
+      errorf("Max config file recursion level reached (%u)",
+             CONFIG_MAX_LEVELS);
+      err = PARAM_BAD_USE;
+    }
+    else {
+      err = parseconfig(nextarg, max_recursive);
    }
    break;
  case C_CRLFILE: /* --crlfile */
@ -2831,7 +2836,8 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
                            const char *nextarg,    /* NULL if unset */
                            bool *usedarg,    /* set to TRUE if the arg
                                                 has been used */
-                            struct OperationConfig *config)
+                            struct OperationConfig *config,
+                            int max_recursive)
 {
  const char *parse = NULL;
  bool longopt = FALSE;
@ -2962,7 +2968,7 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
              "Maybe ASCII was intended?", nextarg);
      }
      if(ARGTYPE(a->desc) == ARG_FILE)
-        err = opt_file(config, a, nextarg);
+        err = opt_file(config, a, nextarg, max_recursive);
      else /* if(ARGTYPE(a->desc) == ARG_STRG) */
        err = opt_string(config, a, nextarg);
      if(a->desc & ARG_CLEAR)
@ -3020,7 +3026,8 @@ ParameterError parse_args(int argc, argv_item_t argv[])
          }
        }

-        result = getparameter(orig_opt, nextarg, &passarg, config);
+        result = getparameter(orig_opt, nextarg, &passarg, config,
+                              CONFIG_MAX_LEVELS);

        unicodefree(nextarg);
        config = global->last;
@ -3056,7 +3063,7 @@ ParameterError parse_args(int argc, argv_item_t argv[])
      bool used;

      /* Just add the URL please */
-      result = getparameter("--url", orig_opt, &used, config);
+      result = getparameter("--url", orig_opt, &used, config, 0);
    }

    if(!result) {