cel: make loaded-AST depth limit a configurable NewEnv option

The depth bound for ASTs ingested outside the parser (via ParsedExprToAst / CheckedExprToAst) was an exported package constant, common/ast.MaxNestingDepth. Replace it with a cel.ExpressionNestingDepthLimit functional option on NewEnv so the behavior is user-configurable with a sensible default rather than a public package-level knob.

The option defaults to 250, matching the parser's maxRecursionDepth, and a negative value disables the check. Enforce it once during Program planning (PlanProgram) and drop the separate Env.Check guard, leaving a single configurable enforcement point.

Author: wilyan09007

cel/env.go

@@ -403,16 +403,6 @@ func (e *Env) Check(ast *Ast) (*Ast, *Issues) {
 		return nil, NewIssuesWithSourceInfo(errs, ast.NativeRep().SourceInfo())
 	}
 
-	// Guard against ASTs that bypass the parser depth limit (e.g. loaded via
-	// ParsedExprToAst / CheckedExprToAst), since later recursive checking
-	// would otherwise risk a Go stack overflow on adversarially deep inputs.
-	if celast.ExceedsMaxDepth(ast.NativeRep().Expr(), celast.MaxNestingDepth) {
-		errs := common.NewErrors(ast.Source())
-		errs.ReportErrorString(common.NoLocation,
-			fmt.Sprintf("input exceeds maximum expression nesting depth: %d", celast.MaxNestingDepth))
-		return nil, NewIssuesWithSourceInfo(errs, ast.NativeRep().SourceInfo())
-	}
-
 	checked, errs := checker.Check(ast.NativeRep(), ast.Source(), chk)
 	if len(errs.GetErrors()) > 0 {
 		return nil, NewIssuesWithSourceInfo(errs, ast.NativeRep().SourceInfo())
@@ -706,9 +696,15 @@ func (e *Env) PlanProgram(a *celast.AST, opts ...ProgramOption) (Program, error)
 	// Guard against ASTs that bypass the parser depth limit (e.g. loaded via
 	// ParsedExprToAst / CheckedExprToAst), since later recursive planning and
 	// evaluation would otherwise risk a Go stack overflow on adversarially
-	// deep inputs.
-	if a != nil && celast.ExceedsMaxDepth(a.Expr(), celast.MaxNestingDepth) {
-		return nil, fmt.Errorf("input exceeds maximum expression nesting depth: %d", celast.MaxNestingDepth)
+	// deep inputs. The limit is configurable via ExpressionNestingDepthLimit;
+	// a zero value falls back to the parser-matching default and a negative
+	// value disables the check.
+	maxDepth := e.limits[limitMaxASTDepth]
+	if maxDepth == 0 {
+		maxDepth = defaultMaxASTDepth
+	}
+	if a != nil && celast.ExceedsMaxDepth(a.Expr(), maxDepth) {
+		return nil, fmt.Errorf("input exceeds maximum expression nesting depth: %d", maxDepth)
 	}
 	optSet := e.progOpts
 	if len(opts) != 0 {

cel/io_test.go

@@ -360,17 +360,21 @@ func TestLoadedAstDepthLimit(t *testing.T) {
 	}
 	deepAst := ParsedExprToAst(&exprpb.ParsedExpr{Expr: expr})
 
-	_, iss = env.Check(deepAst)
-	if iss == nil || iss.Err() == nil {
-		t.Fatalf("Check(deepAst) expected an error, got nil")
-	}
-	if !strings.Contains(iss.Err().Error(), "maximum expression nesting depth") {
-		t.Errorf("Check(deepAst) error = %v, want it to mention 'maximum expression nesting depth'", iss.Err())
-	}
-
+	// Program enforces the default depth limit and returns a normal error
+	// rather than overflowing the stack during planning.
 	if _, err := env.Program(deepAst); err == nil {
 		t.Fatalf("Program(deepAst) expected an error, got nil")
 	} else if !strings.Contains(err.Error(), "maximum expression nesting depth") {
 		t.Errorf("Program(deepAst) error = %v, want it to mention 'maximum expression nesting depth'", err)
 	}
+
+	// The limit is configurable via the ExpressionNestingDepthLimit option: a
+	// negative value disables the check so the same deep AST plans cleanly.
+	unbounded, err := NewEnv(ExpressionNestingDepthLimit(-1))
+	if err != nil {
+		t.Fatalf("NewEnv(ExpressionNestingDepthLimit(-1)) failed: %v", err)
+	}
+	if _, err := unbounded.Program(deepAst); err != nil {
+		t.Errorf("Program(deepAst) with depth checking disabled failed: %v", err)
+	}
 }

cel/options.go

@@ -109,8 +109,15 @@ const (
 	limitCodePointSize
 	// The number of attempts to recover from a parse error.
 	limitParseErrorRecovery
+	// The maximum nesting depth permitted for ASTs loaded outside the parser.
+	limitMaxASTDepth
 )
 
+// defaultMaxASTDepth mirrors the parser's default maxRecursionDepth (250) and
+// is applied to ASTs that enter through non-parser ingestion paths (e.g. via
+// ParsedExprToAst / CheckedExprToAst) when no explicit limit is configured.
+const defaultMaxASTDepth = 250
+
 var limitIDsToNames = map[limitID]string{
 	limitCodePointSize:       "cel.limit.expression_code_points",
 	limitParseErrorRecovery:  "cel.limit.parse_error_recovery",
@@ -942,6 +949,16 @@ func ParserExpressionSizeLimit(limit int) EnvOption {
 	return setLimit(limitCodePointSize, limit)
 }
 
+// ExpressionNestingDepthLimit bounds the nesting depth permitted for ASTs that
+// are loaded outside the parser (e.g. via ParsedExprToAst / CheckedExprToAst),
+// which would otherwise bypass the parser's recursion limit. The limit is
+// enforced when a Program is planned, returning a normal error rather than
+// risking a Go stack overflow on adversarially deep inputs. It defaults to the
+// parser's recursion limit (250); a negative value disables the check.
+func ExpressionNestingDepthLimit(limit int) EnvOption {
+	return setLimit(limitMaxASTDepth, limit)
+}
+
 // EnableHiddenAccumulatorName sets the parser to use the identifier '@result' for accumulators
 // which is not normally accessible from CEL source.
 func EnableHiddenAccumulatorName(enabled bool) EnvOption {

common/ast/depth.go

@@ -14,12 +14,6 @@
 
 package ast
 
-// MaxNestingDepth is the default maximum expression nesting depth applied to
-// ASTs that enter through non-parser ingestion paths. It mirrors the parser's
-// default maxRecursionDepth so loaded ASTs are validated against the same
-// bound as ASTs produced from CEL source.
-const MaxNestingDepth = 250
-
 // ExceedsMaxDepth reports whether the given expression nests deeper than
 // maxDepth. The traversal itself is bounded: it never recurses past
 // maxDepth+1 levels, so it is safe to call on adversarially deep inputs that