projects / platform / upstream / jsoncpp.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 99b8e85)
stackLimit
authorChristopher Dunn <cdunn2001@gmail.com>
Tue, 10 Feb 2015 18:16:03 +0000 (12:16 -0600)
committerChristopher Dunn <cdunn2001@gmail.com>
Wed, 11 Feb 2015 16:01:58 +0000 (10:01 -0600)
include/json/reader.h patch | blob | history
src/lib_json/json_reader.cpp patch | blob | history

diff --git a/include/json/reader.h b/include/json/reader.h
index 041ae0d..b5b2e97 100644 (file)
--- a/include/json/reader.h
+++ b/include/json/reader.h
@@ -310,6 +310,9 @@ public:
       - true if dropped null placeholders are allowed. (See StreamWriterBuilder.)
     - "allowNumericKeys": false or true
       - true if numeric object keys are allowed.
+    - "stackLimit": integer
+      - This is a security issue (seg-faults caused by deeply nested JSON),
+        so the default is low.
 
     You can examine 'settings_` yourself
     to see the defaults. You can also write and read them just like any
diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
index 59409cc..95eb4b2 100644 (file)
--- a/src/lib_json/json_reader.cpp
+++ b/src/lib_json/json_reader.cpp
@@ -1865,6 +1865,7 @@ static void getValidReaderKeys(std::set<std::string>* valid_keys)
   valid_keys->insert("strictRoot");
   valid_keys->insert("allowDroppedNullPlaceholders");
   valid_keys->insert("allowNumericKeys");
+  valid_keys->insert("stackLimit");
 }
 bool CharReaderBuilder::validate(Json::Value* invalid) const
 {
@@ -1903,6 +1904,7 @@ void CharReaderBuilder::setDefaults(Json::Value* settings)
   (*settings)["strictRoot"] = false;
   (*settings)["allowDroppedNullPlaceholders"] = false;
   (*settings)["allowNumericKeys"] = false;
+  (*settings)["stackLimit"] = 1000;
 //! [CharReaderBuilderDefaults]
 }
 
Domain: System / Base;