Fix uncontrolled recursion in os_xml _ReadElem (issue #1953) a

[atomicturtle]

Resolves issue #1953 and CVE-2021-28040

[Copilot]

Pull request overview

This PR mitigates the uncontrolled recursion vulnerability in the os_xml XML parser (_ReadElem) that could previously cause stack overflows (CVE-2021-28040 / issue #1953), and adds a regression test to guard against regressions in recursion handling.

Changes:

• Extend _ReadElem to accept a recursion_level argument, enforce a maximum recursion depth of 1024, and refactor local XML parsing buffers from stack-allocated arrays to heap-allocated buffers with centralized cleanup to avoid stack overflows and leaks on error paths.
• Update OS_ReadXML to seed the recursion depth (_ReadElem(..., 0)) and adjust internal _ReadElem call sites to propagate the current depth correctly during nested element parsing.
• Add a standalone regression test (issue_1953_xml_recursion.c) that constructs an XML document with 2000 nested elements and verifies that OS_ReadXML fails with the expected "Max recursion level reached" error instead of crashing.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
src/os_xml/os_xml.c	Adds recursion depth tracking and a hard limit in _ReadElem, switches large per-frame buffers to heap allocation with consistent cleanup via a common end: label, and updates callers to pass the recursion level.
src/tests/regressions/issue_1953_xml_recursion.c	New regression test program that generates deeply nested XML, invokes OS_ReadXML, and asserts that parsing fails with the specific recursion-limit error message rather than succeeding or crashing.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.