go/parser: stack exhaustion in all Parse* functions

[tatianab]

Calling any of the Parse functions on Go source code which contains deeply nested types or declarations can cause a panic due to stack exhaustion.

Thanks to Juho Nurminen of Mattermost for reporting this issue.

This is CVE-2022-1962.

(This was a PRIVATE issue tracked in http://b/236145171 and fixed by http://tg/1491025.)

/cc https://github.com/orgs/golang/teams/security and https://github.com/orgs/golang/teams/release

[tatianab]

@gopherbot please open backport issues for this security fix

[gopherbot]

Backport issue(s) opened: #53707 (for 1.17), #53708 (for 1.18).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases.

[gopherbot]

Change https://go.dev/cl/417056 mentions this issue: [release-branch.go1.18] go/parser: limit recursion depth

[gopherbot]

Change https://go.dev/cl/417063 mentions this issue: go/parser: limit recursion depth

[gopherbot]

Change https://go.dev/cl/417070 mentions this issue: [release-branch.go1.17] go/parser: limit recursion depth