From bc7704a78e32e67253847fdd3d163005fa615209 Mon Sep 17 00:00:00 2001
From: Jean-Marc Lasgouttes <lasgouttes@lyx.org>
Date: Tue, 28 Mar 2017 11:17:35 +0200
Subject: [PATCH] Limit the amount of derivatives in external CAS

The (arbitrary) limit is 1000.

Pointed out by coverity. A bad value could lock LyX.
---
 src/mathed/MathExtern.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/mathed/MathExtern.cpp b/src/mathed/MathExtern.cpp
index ee2004b508..da43bd4e35 100644
--- a/src/mathed/MathExtern.cpp
+++ b/src/mathed/MathExtern.cpp
@@ -896,6 +896,10 @@ void extractDiff(MathData & ar)
 				int mult = 1;
 				if (extractNumber(script->up(), mult)) {
 					//lyxerr << "mult: " << mult << endl;
+					if (mult > 1000) {
+						lyxerr << "Cannot differentiate more than 1000 times !" << endl;
+						continue;
+					}
 					for (int i = 0; i < mult; ++i)
 						diff->addDer(MathData(buf, dt + 1, st));
 				}
-- 
2.39.2