chore: add Value depth level guard

diegomarquezp · diegomarquezp · commit 7ed4a8acf784 · 2025-11-18T20:03:30.000Z
diff --git a/google/cloud/bigtable/value.cc b/google/cloud/bigtable/value.cc
@@ -340,17 +340,20 @@ std::ostream& operator<<(std::ostream& os, Value const& v) {
 }
 
 // NOLINTNEXTLINE(misc-no-recursion)
-Status Value::TypeAndArrayValuesMatch(
-    google::bigtable::v2::Type const& type,
-    google::bigtable::v2::Value const& value) {
+Status Value::TypeAndArrayValuesMatch(google::bigtable::v2::Type const& type,
+                                      google::bigtable::v2::Value const& value,
+                                      int depth) {
+  if (depth > 10) {
+    return internal::InternalError("Nested value depth exceeds 10 levels");
+  }
   if (!value.has_array_value()) {
     return internal::InternalError(
         "Value kind must be ARRAY_VALUE for columns of type: MAP");
   }
   auto const& vals = value.array_value().values();
   for (auto const& val : vals) {
     auto const element_match_result =
-        TypeAndValuesMatch(type.array_type().element_type(), val);
+        TypeAndValuesMatch(type.array_type().element_type(), val, depth + 1);
     if (!element_match_result.ok()) {
       return element_match_result;
     }
@@ -360,7 +363,11 @@ Status Value::TypeAndArrayValuesMatch(
 
 // NOLINTNEXTLINE(misc-no-recursion)
 Status Value::TypeAndMapValuesMatch(google::bigtable::v2::Type const& type,
-                                    google::bigtable::v2::Value const& value) {
+                                    google::bigtable::v2::Value const& value,
+                                    int depth) {
+  if (depth > 10) {
+    return internal::InternalError("Nested value depth exceeds 10 levels");
+  }
   if (!value.has_array_value()) {
     return internal::InternalError(
         "Value kind must be ARRAY_VALUE for columns of type: MAP");
@@ -376,12 +383,13 @@ Status Value::TypeAndMapValuesMatch(google::bigtable::v2::Type const& type,
     auto map_key = val.array_value().values(0);
     auto map_value = val.array_value().values(1);
     // NOLINTNEXTLINE(misc-no-recursion)
-    auto key_match_result = TypeAndValuesMatch(key_type, map_key);
+    auto key_match_result = TypeAndValuesMatch(key_type, map_key, depth + 1);
     if (!key_match_result.ok()) {
       return key_match_result;
     }
     // NOLINTNEXTLINE(misc-no-recursion)
-    auto value_match_result = TypeAndValuesMatch(value_type, map_value);
+    auto value_match_result =
+        TypeAndValuesMatch(value_type, map_value, depth + 1);
     if (!value_match_result.ok()) {
       return value_match_result;
     }
@@ -390,9 +398,12 @@ Status Value::TypeAndMapValuesMatch(google::bigtable::v2::Type const& type,
 }
 
 // NOLINTNEXTLINE(misc-no-recursion)
-Status Value::TypeAndStructValuesMatch(
-    google::bigtable::v2::Type const& type,
-    google::bigtable::v2::Value const& value) {
+Status Value::TypeAndStructValuesMatch(google::bigtable::v2::Type const& type,
+                                       google::bigtable::v2::Value const& value,
+                                       int depth) {
+  if (depth > 10) {
+    return internal::InternalError("Nested value depth exceeds 10 levels");
+  }
   if (!value.has_array_value()) {
     return internal::InternalError(
         "Value kind must be ARRAY_VALUE for columns of type: STRUCT");
@@ -408,7 +419,7 @@ Status Value::TypeAndStructValuesMatch(
   for (int i = 0; i < fields.size(); ++i) {
     auto const& f1 = fields.Get(i);
     auto const& v = values[i];
-    auto match_result = TypeAndValuesMatch(f1.type(), v);
+    auto match_result = TypeAndValuesMatch(f1.type(), v, depth + 1);
     if (!match_result.ok()) {
       return match_result;
     }
@@ -423,7 +434,11 @@ Status Value::TypeAndStructValuesMatch(
  */
 // NOLINTNEXTLINE(misc-no-recursion)
 Status Value::TypeAndValuesMatch(google::bigtable::v2::Type const& type,
-                                 google::bigtable::v2::Value const& value) {
+                                 google::bigtable::v2::Value const& value,
+                                 int depth) {
+  if (depth > 10) {
+    return internal::InternalError("Nested value depth exceeds 10 levels");
+  }
   using google::bigtable::v2::Type;
   auto make_mismatch_metadata_status = [&](std::string const& value_kind,
                                            std::string const& type_name) {
@@ -438,13 +453,13 @@ Status Value::TypeAndValuesMatch(google::bigtable::v2::Type const& type,
   Status result;
   switch (type.kind_case()) {
     case Type::kArrayType:
-      result = TypeAndArrayValuesMatch(type, value);
+      result = TypeAndArrayValuesMatch(type, value, depth + 1);
       break;
     case Type::kMapType:
-      result = TypeAndMapValuesMatch(type, value);
+      result = TypeAndMapValuesMatch(type, value, depth + 1);
       break;
     case Type::kStructType:
-      result = TypeAndStructValuesMatch(type, value);
+      result = TypeAndStructValuesMatch(type, value, depth + 1);
       break;
     case Type::kBoolType:
       if (!value.has_bool_value()) {
diff --git a/google/cloud/bigtable/value.h b/google/cloud/bigtable/value.h
@@ -316,17 +316,23 @@ class Value {
   }
 
   static Status TypeAndValuesMatch(google::bigtable::v2::Type const& type,
-                                   google::bigtable::v2::Value const& value);
+                                   google::bigtable::v2::Value const& value) {
+    return TypeAndValuesMatch(type, value, 1);
+  }
 
  private:
+  static Status TypeAndValuesMatch(google::bigtable::v2::Type const& type,
+                                   google::bigtable::v2::Value const& value,
+                                   int depth);
   static Status TypeAndArrayValuesMatch(
       google::bigtable::v2::Type const& type,
-      google::bigtable::v2::Value const& value);
+      google::bigtable::v2::Value const& value, int depth);
   static Status TypeAndMapValuesMatch(google::bigtable::v2::Type const& type,
-                                      google::bigtable::v2::Value const& value);
+                                      google::bigtable::v2::Value const& value,
+                                      int depth);
   static Status TypeAndStructValuesMatch(
       google::bigtable::v2::Type const& type,
-      google::bigtable::v2::Value const& value);
+      google::bigtable::v2::Value const& value, int depth);
 
   // Metafunction that returns true if `T` is an `absl::optional<U>`
   template <typename T>
