Commit 72e5c734193a3fbc100459e4c84afaeb84cd76e7
1 parent
e34dbbfa
Limit parser depth for json parser
Showing
4 changed files
with
8 additions
and
0 deletions
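--- a/libqpdf/JSON.cc
+++ b/libqpdf/JSON.cc
@@ -1057,6 +1057,11 @@ JSONParser::handleToken()
 stack.push_back(item);
 }
 }
+if (ps_stack.size() > 500) {
+throw std::runtime_error(
+"JSON: offset " + QUtil::int_to_string(p - cstr) +
+": maximum object depth exceeded");
+}
 parser_state = next_state;
 tok_start = nullptr;
 tok_end = nullptr;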
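Review bot: The new guard `if (ps_stack.size() > 500)` uses a bare literal and has no comment on what it protects, so the limit is hard to audit or tune later. A named constant would help, e.g. `if (ps_stack.size() > max_nesting_depth) {`, with a comment such as `// Cap nesting of untrusted JSON so the parser stack and any later walk of the tree stay bounded`. Because the comparison is `>` and appears to run after the container has been pushed, the stack presumably reaches 501 entries before the throw. That is consistent with the offset recorded in bad-36.out, but the comment should state whether 500 is the last accepted depth. handleToken() starts and ends outside this hunk, so where ps_stack grows is not visible here.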
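--- a/libtests/qtest/json_parse.test
+++ b/libtests/qtest/json_parse.test
@@ -102,6 +102,7 @@ my @bad = (
 "leading zero negative", # 33
 "premature end after u", # 34
 "bad hex digit", # 35
+"parser depth exceeded", # 36
 );
 
 my $i = 0;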
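Review bot: Only the rejecting side of the limit is tested: entry 36 in `@bad` checks that over-deep input fails, but nothing visible pins the deepest input that must still parse. A companion fixture nested to exactly the allowed depth, expected to succeed, would catch an off-by-one if the comparison in JSONParser::handleToken() is later changed. The `@bad` list begins before this hunk, so an existing list of accepted inputs may already be the place for it.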
libtests/qtest/json_parse/bad-36.json
0 → 100644
| 1 | +{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[{"a":[]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]
}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]}]} | ||
| 0 | \ No newline at end of file | 2 | \ No newline at end of file |
libtests/qtest/json_parse/bad-36.out
0 → 100644
| 1 | +exception: bad-36.json: JSON: offset 1501: maximum object depth exceeded |