Stack overflow risk on Pascal export (or code preview) of diagrams e.g. resulting from Java import

fesch / Structorizer.Desktop

Structorizer is a little tool which you can use to create Nassi-Schneiderman Diagrams (NSD).

https://structorizer.fisch.lu

GNU General Public License v3.0

65 stars 20 forks source link

Stack overflow risk on Pascal export (or code preview) of diagrams e.g. resulting from Java import #1155

Closed codemanyak closed 7 months ago

codemanyak commented 7 months ago

There is a serious eternal recursion vulnerability in the Pascal generator that may lead to a stack overflow on Pascal export (or in Pascal code preview). It is triggered by type descriptions starting with substring "array" (case-ignorant) as e. g. ArrayList<String>, which may occur in a diagram after Java import. (This vulnerability had been aggravated inadvertently by bugfix #1092.)