Describe the bug
Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Getting CVE issue due to this.
To Reproduce
Steps to reproduce the behavior.
Please give code examples or concete SQL statements. Take care of not posting any sensitive information when pasting SQL statements!
What's the concrete error / traceback.
https://github.com/advisories/GHSA-2m57-hf25-phgg
Expected behavior
Should gracefully throw an exception with clear message instead of failing abruptly.
Versions (please complete the following information):
Python: [e.g. 3.11.2]
sqlparse: 0.4.4
Additional context
Add any other context about the problem here.
Describe the bug Passing a heavily nested list to sqlparse.parse() leads to a Denial of Service due to RecursionError. Getting CVE issue due to this.
To Reproduce Steps to reproduce the behavior. Please give code examples or concete SQL statements. Take care of not posting any sensitive information when pasting SQL statements! What's the concrete error / traceback. https://github.com/advisories/GHSA-2m57-hf25-phgg
Expected behavior Should gracefully throw an exception with clear message instead of failing abruptly.
Versions (please complete the following information):
Additional context Add any other context about the problem here.
https://nvd.nist.gov/vuln/detail/CVE-2024-4340 https://github.com/advisories/GHSA-2m57-hf25-phgg