Merge commit 'cb14812a5c6098bd1091f5b7fd471ce2be45e8dd' into wtgodbe/IntMerge914

Author: wtgodbe

src/Mvc/Mvc.Abstractions/src/ModelBinding/ModelStateDictionary.cs

@@ -23,6 +23,9 @@ public class ModelStateDictionary : IReadOnlyDictionary<string, ModelStateEntry?
     /// </summary>
     public static readonly int DefaultMaxAllowedErrors = 200;
 
+    // internal for testing
+    internal const int DefaultMaxRecursionDepth = 32;
+
     private const char DelimiterDot = '.';
     private const char DelimiterOpen = '[';
 
@@ -41,8 +44,18 @@ public ModelStateDictionary()
     /// Initializes a new instance of the <see cref="ModelStateDictionary"/> class.
     /// </summary>
     public ModelStateDictionary(int maxAllowedErrors)
+        : this(maxAllowedErrors, maxValidationDepth: DefaultMaxRecursionDepth, maxStateDepth: DefaultMaxRecursionDepth)
+    {
+    }
+
+    /// <summary>
+    /// Initializes a new instance of the <see cref="ModelStateDictionary"/> class.
+    /// </summary>
+    private ModelStateDictionary(int maxAllowedErrors, int maxValidationDepth, int maxStateDepth)
     {
         MaxAllowedErrors = maxAllowedErrors;
+        MaxValidationDepth = maxValidationDepth;
+        MaxStateDepth = maxStateDepth;
         var emptySegment = new StringSegment(buffer: string.Empty);
         _root = new ModelStateNode(subKey: emptySegment)
         {
@@ -56,7 +69,9 @@ public ModelStateDictionary(int maxAllowedErrors)
     /// </summary>
     /// <param name="dictionary">The <see cref="ModelStateDictionary"/> to copy values from.</param>
     public ModelStateDictionary(ModelStateDictionary dictionary)
-        : this(dictionary?.MaxAllowedErrors ?? DefaultMaxAllowedErrors)
+        : this(dictionary?.MaxAllowedErrors ?? DefaultMaxAllowedErrors,
+              dictionary?.MaxValidationDepth ?? DefaultMaxRecursionDepth,
+              dictionary?.MaxStateDepth ?? DefaultMaxRecursionDepth)
     {
         if (dictionary == null)
         {
@@ -152,7 +167,7 @@ public bool IsValid
     }
 
     /// <inheritdoc />
-    public ModelValidationState ValidationState => GetValidity(_root) ?? ModelValidationState.Valid;
+    public ModelValidationState ValidationState => GetValidity(_root, currentDepth: 0) ?? ModelValidationState.Valid;
 
     /// <inheritdoc />
     public ModelStateEntry? this[string key]
@@ -172,6 +187,10 @@ public ModelStateEntry? this[string key]
     // Flag that indicates if TooManyModelErrorException has already been added to this dictionary.
     private bool HasRecordedMaxModelError { get; set; }
 
+    internal int? MaxValidationDepth { get; set; }
+
+    internal int? MaxStateDepth { get; set; }
+
     /// <summary>
     /// Adds the specified <paramref name="exception"/> to the <see cref="ModelStateEntry.Errors"/> instance
     /// that is associated with the specified <paramref name="key"/>. If the maximum number of allowed
@@ -215,7 +234,6 @@ public bool TryAddModelException(string key, Exception exception)
             return false;
         }
 
-        ErrorCount++;
         AddModelErrorCore(key, exception);
         return true;
     }
@@ -325,7 +343,6 @@ public bool TryAddModelError(string key, Exception exception, ModelMetadata meta
             return TryAddModelError(key, exception.Message);
         }
 
-        ErrorCount++;
         AddModelErrorCore(key, exception);
         return true;
     }
@@ -383,13 +400,13 @@ public bool TryAddModelError(string key, string errorMessage)
             return false;
         }
 
-        ErrorCount++;
         var modelState = GetOrAddNode(key);
         Count += !modelState.IsContainerNode ? 0 : 1;
         modelState.ValidationState = ModelValidationState.Invalid;
         modelState.MarkNonContainerNode();
         modelState.Errors.Add(errorMessage);
 
+        ErrorCount++;
         return true;
     }
 
@@ -409,7 +426,7 @@ public ModelValidationState GetFieldValidationState(string key)
         }
 
         var item = GetNode(key);
-        return GetValidity(item) ?? ModelValidationState.Unvalidated;
+        return GetValidity(item, currentDepth: 0) ?? ModelValidationState.Unvalidated;
     }
 
     /// <summary>
@@ -609,11 +626,18 @@ private ModelStateNode GetOrAddNode(string key)
         var current = _root;
         if (key.Length > 0)
         {
+            var currentDepth = 0;
             var match = default(MatchResult);
             do
             {
+                if (MaxStateDepth != null && currentDepth >= MaxStateDepth)
+                {
+                    throw new InvalidOperationException(Resources.FormatModelStateDictionary_MaxModelStateDepth(MaxStateDepth));
+                }
+
                 var subKey = FindNext(key, ref match);
                 current = current.GetOrAddNode(subKey);
+                currentDepth++;
 
             } while (match.Type != Delimiter.None);
 
@@ -659,9 +683,10 @@ private static StringSegment FindNext(string key, ref MatchResult currentMatch)
         return new StringSegment(key, keyStart, index - keyStart);
     }
 
-    private static ModelValidationState? GetValidity(ModelStateNode? node)
+    private ModelValidationState? GetValidity(ModelStateNode? node, int currentDepth)
     {
-        if (node == null)
+        if (node == null ||
+            (MaxValidationDepth != null && currentDepth >= MaxValidationDepth))
         {
             return null;
         }
@@ -684,9 +709,11 @@ private static StringSegment FindNext(string key, ref MatchResult currentMatch)
 
         if (node.ChildNodes != null)
         {
+            currentDepth++;
+
             for (var i = 0; i < node.ChildNodes.Count; i++)
             {
-                var entryState = GetValidity(node.ChildNodes[i]);
+                var entryState = GetValidity(node.ChildNodes[i], currentDepth);
 
                 if (entryState == ModelValidationState.Unvalidated)
                 {
@@ -710,7 +737,6 @@ private void EnsureMaxErrorsReachedRecorded()
             var exception = new TooManyModelErrorsException(Resources.ModelStateDictionary_MaxModelStateErrors);
             AddModelErrorCore(string.Empty, exception);
             HasRecordedMaxModelError = true;
-            ErrorCount++;
         }
     }
 
@@ -721,6 +747,8 @@ private void AddModelErrorCore(string key, Exception exception)
         modelState.ValidationState = ModelValidationState.Invalid;
         modelState.MarkNonContainerNode();
         modelState.Errors.Add(exception);
+
+        ErrorCount++;
     }
 
     /// <summary>

src/Mvc/Mvc.Abstractions/src/Resources.resx

@@ -180,4 +180,7 @@
   <data name="RecordTypeHasValidationOnProperties" xml:space="preserve">
     <value>Record type '{0}' has validation metadata defined on property '{1}' that will be ignored. '{1}' is a parameter in the record primary constructor and validation metadata must be associated with the constructor parameter.</value>
   </data>
-</root>
+  <data name="ModelStateDictionary_MaxModelStateDepth" xml:space="preserve">
+    <value>The specified key exceeded the maximum ModelState depth: {0}</value>
+  </data>
+</root>

src/Mvc/Mvc.Abstractions/test/ModelBinding/ModelStateDictionaryTest.cs

@@ -1599,6 +1599,162 @@ public void GetModelStateForProperty_ReturnsModelStateForIndexedChildren()
         Assert.Equal("value1", property.RawValue);
     }
 
+    [Fact]
+    public void GetFieldValidationState_ReturnsUnvalidated_IfTreeHeightIsGreaterThanLimit()
+    {
+        // Arrange
+        var stackLimit = 5;
+        var dictionary = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stackLimit + 1));
+        dictionary.MaxValidationDepth = stackLimit;
+        dictionary.MaxStateDepth = null;
+        dictionary.MarkFieldValid(key);
+
+        // Act
+        var validationState = dictionary.GetFieldValidationState("foo");
+
+        // Assert
+        Assert.Equal(ModelValidationState.Unvalidated, validationState);
+    }
+
+    [Fact]
+    public void IsValidProperty_ReturnsTrue_IfTreeHeightIsGreaterThanLimit()
+    {
+        // Arrange
+        var stackLimit = 5;
+        var dictionary = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stackLimit + 1));
+        dictionary.MaxValidationDepth = stackLimit;
+        dictionary.MaxStateDepth = null;
+        dictionary.AddModelError(key, "some error");
+
+        // Act
+        var isValid = dictionary.IsValid;
+        var validationState = dictionary.ValidationState;
+
+        // Assert
+        Assert.True(isValid);
+        Assert.Equal(ModelValidationState.Valid, validationState);
+    }
+
+    [Fact]
+    public void TryAddModelException_Throws_IfKeyHasTooManySegments()
+    {
+        // Arrange
+        var exception = new TestException();
+
+        var stateDepth = 5;
+        var dictionary = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stateDepth + 1));
+        dictionary.MaxStateDepth = stateDepth;
+
+        // Act
+        var invalidException = Assert.Throws<InvalidOperationException>(() => dictionary.TryAddModelException(key, exception));
+
+        // Assert
+        Assert.Equal(
+            $"The specified key exceeded the maximum ModelState depth: {dictionary.MaxStateDepth}",
+            invalidException.Message);
+    }
+
+    [Fact]
+    public void TryAddModelError_Throws_IfKeyHasTooManySegments()
+    {
+        // Arrange
+        var stateDepth = 5;
+        var dictionary = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stateDepth + 1));
+        dictionary.MaxStateDepth = stateDepth;
+
+        // Act
+        var invalidException = Assert.Throws<InvalidOperationException>(() => dictionary.TryAddModelError(key, "errorMessage"));
+
+        // Assert
+        Assert.Equal(
+            $"The specified key exceeded the maximum ModelState depth: {dictionary.MaxStateDepth}",
+            invalidException.Message);
+    }
+
+    [Fact]
+    public void SetModelValue_Throws_IfKeyHasTooManySegments()
+    {
+        var stateDepth = 5;
+        var dictionary = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stateDepth + 1));
+        dictionary.MaxStateDepth = stateDepth;
+
+        // Act
+        var invalidException = Assert.Throws<InvalidOperationException>(() => dictionary.SetModelValue(key, string.Empty, string.Empty));
+
+        // Assert
+        Assert.Equal(
+            $"The specified key exceeded the maximum ModelState depth: {dictionary.MaxStateDepth}",
+            invalidException.Message);
+    }
+
+    [Fact]
+    public void MarkFieldValid_Throws_IfKeyHasTooManySegments()
+    {
+        // Arrange
+        var stateDepth = 5;
+        var source = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stateDepth + 1));
+        source.MaxStateDepth = stateDepth;
+
+        // Act
+        var exception = Assert.Throws<InvalidOperationException>(() => source.MarkFieldValid(key));
+
+        // Assert
+        Assert.Equal(
+            $"The specified key exceeded the maximum ModelState depth: {source.MaxStateDepth}",
+            exception.Message);
+    }
+
+    [Fact]
+    public void MarkFieldSkipped_Throws_IfKeyHasTooManySegments()
+    {
+        // Arrange
+        var stateDepth = 5;
+        var source = new ModelStateDictionary();
+        var key = string.Join(".", Enumerable.Repeat("foo", stateDepth + 1));
+        source.MaxStateDepth = stateDepth;
+
+        // Act
+        var exception = Assert.Throws<InvalidOperationException>(() => source.MarkFieldSkipped(key));
+
+        // Assert
+        Assert.Equal(
+            $"The specified key exceeded the maximum ModelState depth: {source.MaxStateDepth}",
+            exception.Message);
+    }
+
+    [Fact]
+    public void Constructor_SetsDefaultRecursionDepth()
+    {
+        // Arrange && Act
+        var dictionary = new ModelStateDictionary();
+
+        // Assert
+        Assert.Equal(ModelStateDictionary.DefaultMaxRecursionDepth, dictionary.MaxValidationDepth);
+        Assert.Equal(ModelStateDictionary.DefaultMaxRecursionDepth, dictionary.MaxStateDepth);
+    }
+
+    [Fact]
+    public void CopyConstructor_PreservesRecursionDepth()
+    {
+        // Arrange
+        var dictionary = new ModelStateDictionary();
+        dictionary.MaxValidationDepth = 5;
+        dictionary.MaxStateDepth = 4;
+
+        // Act
+        var newDictionary = new ModelStateDictionary(dictionary);
+
+        // Assert
+        Assert.Equal(dictionary.MaxValidationDepth, newDictionary.MaxValidationDepth);
+        Assert.Equal(dictionary.MaxStateDepth, newDictionary.MaxStateDepth);
+    }
+
     private DefaultBindingMetadataProvider CreateBindingMetadataProvider()
         => new DefaultBindingMetadataProvider();
 

src/Mvc/Mvc.Core/src/Infrastructure/ControllerActionInvokerProvider.cs

@@ -18,6 +18,8 @@ internal sealed class ControllerActionInvokerProvider : IActionInvokerProvider
     private readonly ControllerActionInvokerCache _controllerActionInvokerCache;
     private readonly IReadOnlyList<IValueProviderFactory> _valueProviderFactories;
     private readonly int _maxModelValidationErrors;
+    private readonly int? _maxValidationDepth;
+    private readonly int _maxModelBindingRecursionDepth;
     private readonly ILogger _logger;
     private readonly DiagnosticListener _diagnosticListener;
     private readonly IActionResultTypeMapper _mapper;
@@ -44,6 +46,8 @@ public ControllerActionInvokerProvider(
         _controllerActionInvokerCache = controllerActionInvokerCache;
         _valueProviderFactories = optionsAccessor.Value.ValueProviderFactories.ToArray();
         _maxModelValidationErrors = optionsAccessor.Value.MaxModelValidationErrors;
+        _maxValidationDepth = optionsAccessor.Value.MaxValidationDepth;
+        _maxModelBindingRecursionDepth = optionsAccessor.Value.MaxModelBindingRecursionDepth;
         _logger = loggerFactory.CreateLogger<ControllerActionInvoker>();
         _diagnosticListener = diagnosticListener;
         _mapper = mapper;
@@ -68,6 +72,8 @@ public void OnProvidersExecuting(ActionInvokerProviderContext context)
                 ValueProviderFactories = new CopyOnWriteList<IValueProviderFactory>(_valueProviderFactories)
             };
             controllerContext.ModelState.MaxAllowedErrors = _maxModelValidationErrors;
+            controllerContext.ModelState.MaxValidationDepth = _maxValidationDepth;
+            controllerContext.ModelState.MaxStateDepth = _maxModelBindingRecursionDepth;
 
             var (cacheEntry, filters) = _controllerActionInvokerCache.GetCachedResult(controllerContext);
 

src/Mvc/Mvc.Core/src/Routing/ControllerRequestDelegateFactory.cs

@@ -19,6 +19,8 @@ internal sealed class ControllerRequestDelegateFactory : IRequestDelegateFactory
     private readonly ControllerActionInvokerCache _controllerActionInvokerCache;
     private readonly IReadOnlyList<IValueProviderFactory> _valueProviderFactories;
     private readonly int _maxModelValidationErrors;
+    private readonly int? _maxValidationDepth;
+    private readonly int _maxModelBindingRecursionDepth;
     private readonly ILogger _logger;
     private readonly DiagnosticListener _diagnosticListener;
     private readonly IActionResultTypeMapper _mapper;
@@ -46,6 +48,8 @@ public ControllerRequestDelegateFactory(
         _controllerActionInvokerCache = controllerActionInvokerCache;
         _valueProviderFactories = optionsAccessor.Value.ValueProviderFactories.ToArray();
         _maxModelValidationErrors = optionsAccessor.Value.MaxModelValidationErrors;
+        _maxValidationDepth = optionsAccessor.Value.MaxValidationDepth;
+        _maxModelBindingRecursionDepth = optionsAccessor.Value.MaxModelBindingRecursionDepth;
         _enableActionInvokers = optionsAccessor.Value.EnableActionInvokers;
         _logger = loggerFactory.CreateLogger<ControllerActionInvoker>();
         _diagnosticListener = diagnosticListener;
@@ -82,6 +86,8 @@ public ControllerRequestDelegateFactory(
             };
 
             controllerContext.ModelState.MaxAllowedErrors = _maxModelValidationErrors;
+            controllerContext.ModelState.MaxValidationDepth = _maxValidationDepth;
+            controllerContext.ModelState.MaxStateDepth = _maxModelBindingRecursionDepth;
 
             var (cacheEntry, filters) = _controllerActionInvokerCache.GetCachedResult(controllerContext);