webmcp
diff libraries/json/json.c @ 150:35fb4f92a887
Limit maximum depth for JSON parser to 500
author | jbe |
---|---|
date | Wed Jul 30 23:11:38 2014 +0200 (2014-07-30) |
parents | 5229687c7601 |
children | 6d2bb696f736 |
line diff
1.1 --- a/libraries/json/json.c Wed Jul 30 22:56:21 2014 +0200 1.2 +++ b/libraries/json/json.c Wed Jul 30 23:11:38 2014 +0200 1.3 @@ -4,7 +4,14 @@ 1.4 #include <string.h> 1.5 1.6 // maximum number of nested JSON values (objects and arrays): 1.7 -#define JSON_MAXDEPTH 100 1.8 +// NOTE: The Lua reference states that the stack may typically contain at least 1.9 +// "a few thousand elements". Since every nested level consumes 1.10 +// 3 elements on the Lua stack (the object/array, its shadow table, 1.11 +// a string key or a placeholder), we limit the number of nested levels 1.12 +// to 500. If a stack overflow would still happen in the import function, 1.13 +// this is detected nevertheless and an error is thrown (instead of 1.14 +// returning nil and an error string). 1.15 +#define JSON_MAXDEPTH 500 1.16 1.17 // macros for usage of Lua registry: 1.18 #define JSON_REGENT char