[librsvg/librsvg-2.44: 1/7] limits.rs - New file; move the constant for maximum instanced nodes here

[Federico Mena Quintero <federico src gnome org>]

commit c5738c7716f66e66ba23aa169e79eb478b7804c5
Author: Federico Mena Quintero <federico gnome org>
Date:   Thu Oct 10 15:16:19 2019 -0500

    limits.rs - New file; move the constant for maximum instanced nodes here

 Makefile.am                       |  1 +
 rsvg_internals/src/drawing_ctx.rs |  3 ++-
 rsvg_internals/src/lib.rs         |  1 +
 rsvg_internals/src/limits.rs      | 11 +++++++++++
 4 files changed, 15 insertions(+), 1 deletion(-)
---
diff --git a/Makefile.am b/Makefile.am
index e075c958..bb181dc2 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -81,6 +81,7 @@ RUST_SRC =                                                    \
        rsvg_internals/src/iri.rs                               \
        rsvg_internals/src/length.rs                            \
        rsvg_internals/src/lib.rs                               \
+       rsvg_internals/src/limits.rs                            \
        rsvg_internals/src/log.rs                               \
        rsvg_internals/src/link.rs                              \
        rsvg_internals/src/load.rs                              \
diff --git a/rsvg_internals/src/drawing_ctx.rs b/rsvg_internals/src/drawing_ctx.rs
index 9bf9d295..c9c2d169 100644
--- a/rsvg_internals/src/drawing_ctx.rs
+++ b/rsvg_internals/src/drawing_ctx.rs
@@ -19,6 +19,7 @@ use error::RenderingError;
 use filters;
 use float_eq_cairo::ApproxEqCairo;
 use length::Dasharray;
+use limits;
 use mask::NodeMask;
 use node::{CascadedValues, NodeType, RsvgNode};
 use paint_server::{self, PaintServer};
@@ -863,7 +864,7 @@ impl<'a> DrawingCtx<'a> {
     }
 
     fn check_limits(&self) -> Result<(), RenderingError> {
-        if self.num_elements_rendered_through_use > 500_000 {
+        if self.num_elements_rendered_through_use > limits::MAX_REFERENCED_ELEMENTS {
             Err(RenderingError::InstancingLimit)
         } else {
             Ok(())
diff --git a/rsvg_internals/src/lib.rs b/rsvg_internals/src/lib.rs
index 1d36d394..99704df4 100644
--- a/rsvg_internals/src/lib.rs
+++ b/rsvg_internals/src/lib.rs
@@ -113,6 +113,7 @@ mod handle;
 mod image;
 mod iri;
 mod length;
+mod limits;
 mod link;
 mod load;
 mod marker;
diff --git a/rsvg_internals/src/limits.rs b/rsvg_internals/src/limits.rs
new file mode 100644
index 00000000..f5d58d95
--- /dev/null
+++ b/rsvg_internals/src/limits.rs
@@ -0,0 +1,11 @@
+/// This is a mitigation for the security-related bug
+/// https://gitlab.gnome.org/GNOME/librsvg/issues/323 - imagine
+/// the XML [billion laughs attack], but done by creating deeply
+/// nested groups of `<use>` elements.  The first one references
+/// the second one ten times, the second one references the third
+/// one ten times, and so on.  In the file given, this causes
+/// 10^17 objects to be rendered.  While this does not exhaust
+/// memory, it would take a really long time.
+///
+/// [billion laughs attack]: https://bitbucket.org/tiran/defusedxml
+pub const MAX_REFERENCED_ELEMENTS: usize = 500_000;