Redefining view as view causes Zope crash

Bug #143922 reported by Martijn Pieters
Affects: Zope 2
Status: Invalid
Importance: Medium
Assigned to: Unassigned

Bug Description

Re-defining view as view in a tal:define statement causes a bus error, instead of an infinite recursion exception. See the attached test case (drop in $INSTANCE_HOME/lib/python, copy or link viewcrash-configure.zcml into $INSTANCE_HOME/etc/package-includes, visit /viewcrash).

What happens is that 'view' is called, ending up in a deepening recursion, but somewhere along the way python crashes with a bus error. Apart from the fact that redefining view as view is silly, bus errors indicate a serious C extension or python interpreter bug.

Tags: bug zope
Martijn Pieters (mjpieters) wrote :

Triggered by security_related toggle.

Martijn Pieters (mjpieters) wrote :

Uploaded: viewcrash.tgz


Martijn Pieters (mjpieters) wrote :

I marked this as a security issue; it's a denial-of-service attack as the same problem happens in through-the-web page templates as well.

In the ZMI, create a pagetemplate named ttwviewcrash with the following content:

<html>
<body tal:define="view here/ttwviewcrash">
    <h1>No problemo</h1>
</body>
</html>

The 'redefining' title is thus misleading; it's caused by recursively calling the pagetemplate.

Changed in zope2:
importance: Medium → High
status: New → Confirmed
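
A static check for the recursive-call pattern described in the comment above, as an added example that is not part of the original report or of Zope. It assumes the template sources have been exported into a dict keyed by template id, and it only follows `here/`, `context/` and `container/` path expressions in `tal:define` whose second segment names another template in the same set; acquisition, `python:` expressions and other TAL attributes are not resolved.

```python
import re
from html.parser import HTMLParser

# Constructed sample input. "ttwviewcrash" is the template from the report;
# "a" and "b" call each other indirectly; "ok" is harmless.
TEMPLATES = {
    "ttwviewcrash": '<html><body tal:define="view here/ttwviewcrash">'
                    '<h1>No problemo</h1></body></html>',
    "a": '<div tal:define="global x container/b; y string:hi;;there">a</div>',
    "b": '<div tal:define="x context/a">b</div>',
    "ok": '<p tal:define="title here/title_or_id">ok</p>',
}
ROOTS = ("here", "context", "container")

class DefineCollector(HTMLParser):
    """Collect the expression part of every tal:define definition."""
    def __init__(self):
        super().__init__()
        self.exprs = []
    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name != "tal:define" or not value:
                continue
            # ';' separates definitions, ';;' is an escaped semicolon.
            for part in re.split(r"(?<!;);(?!;)", value):
                words = part.split()
                if words and words[0] in ("local", "global"):
                    words = words[1:]
                if len(words) >= 2:          # words[0] is the variable name
                    self.exprs.append(" ".join(words[1:]))

def references(source):
    """Ids named as the first step of a path expression in tal:define."""
    collector = DefineCollector()
    collector.feed(source)
    refs = set()
    for expr in collector.exprs:
        for alt in expr.split("|"):          # path alternatives
            seg = alt.strip().removeprefix("path:").split("/")
            if len(seg) >= 2 and seg[0] in ROOTS:
                refs.add(seg[1])
    return refs

def recursive_templates(templates):
    """Return the ids of templates that can reach themselves."""
    graph = {t: {r for r in references(s) if r in templates}
             for t, s in templates.items()}
    def reaches(start):
        seen, stack = set(), list(graph[start])
        while stack:
            node = stack.pop()
            if node == start:
                return True
            if node not in seen:
                seen.add(node)
                stack.extend(graph[node])
        return False
    return sorted(t for t in graph if reaches(t))

if __name__ == "__main__":
    print(recursive_templates(TEMPLATES))
```
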
Hanno Schlichting (hannosch) wrote :

Two years without action -> this issue cannot be that important.

Changed in zope2:
importance: High → Medium
Hanno Schlichting (hannosch) wrote :

It's perfectly possible to crash Zope via all sorts of infinite recursions or large memory usage. Restricted code never claimed to protect you from this or malicious users. The Zope 2 book has been updated to make this clearer.

So this isn't a security related bug. The question remains if something could be done to avoid this case from crashing. I personally doubt it :)

security vulnerability: yes → no
visibility: private → public
Colin Watson (cjwatson) wrote :

The zope2 project on Launchpad has been archived at the request of the Zope developers (see https://answers.launchpad.net/launchpad/+question/683589 and https://answers.launchpad.net/launchpad/+question/685285). If this bug is still relevant, please refile it at https://github.com/zopefoundation/zope2.

Changed in zope2:
status: Confirmed → Invalid