DATACMNS-1285 - PropertyPath now limits the depth of its parsing to 1000 segments.

Author: odrotbohm

src/main/java/org/springframework/data/mapping/PropertyPath.java

@@ -46,6 +46,8 @@
 @EqualsAndHashCode
 public class PropertyPath implements Streamable<PropertyPath> {
 
+	private static final String PARSE_DEPTH_EXCEEDED = "Trying to parse a path with depth greater than 1000! This has been disabled for security reasons to prevent parsing overflows.";
+
 	private static final String DELIMITERS = "_\\.";
 	private static final String ALL_UPPERCASE = "[A-Z0-9._$]+";
 	private static final Pattern SPLITTER = Pattern.compile("(?:[%s]?([%s]*?[^%s]+))".replaceAll("%s", DELIMITERS));
@@ -366,6 +368,10 @@ private static PropertyPath create(String source, TypeInformation<?> type, List<
 	 */
 	private static PropertyPath create(String source, TypeInformation<?> type, String addTail, List<PropertyPath> base) {
 
+		if (base.size() > 1000) {
+			throw new IllegalArgumentException(PARSE_DEPTH_EXCEEDED);
+		}
+
 		PropertyReferenceException exception = null;
 		PropertyPath current = null;
 

src/test/java/org/springframework/data/mapping/PropertyPathUnitTests.java

@@ -369,6 +369,23 @@ public void rejectsNonExistantNestedPath() {
 				.withMessageContaining("Bar.user");
 	}
 
+	@Test // DATACMNS-1285
+	public void rejectsTooLongPath() {
+
+		String source = "foo.bar";
+
+		for (int i = 0; i < 9; i++) {
+			source = source + "." + source;
+		}
+
+		assertThat(source.split("\\.").length).isGreaterThan(1000);
+
+		final String path = source;
+
+		assertThatExceptionOfType(IllegalArgumentException.class) //
+				.isThrownBy(() -> PropertyPath.from(path, Left.class));
+	}
+
 	private class Foo {
 
 		String userName;
@@ -403,4 +420,14 @@ private class Sample2 {
 		private FooBar user;
 		private Foo _foo;
 	}
+
+	// DATACMNS-1285
+
+	private class Left {
+		Right foo;
+	}
+
+	private class Right {
+		Left bar;
+	}
 }