Limit the nesting depth of the Json parser

The parser is recursive and too deeply nested json would cause it to exhaust the available stack space leading to crashes. We now abort parsing with a DeepNesting parse error if the document is too deeply nested. The current nesting limit is set to 1024, which should be more then enough for any real JSON data set. Change-Id: I4adea3fd727149f7342536d73cf4530361a0a3a1 Reviewed-by: Jamey Hicks <jamey.hicks@nokia.com> Reviewed-by: Denis Dzyubenko <denis.dzyubenko@nokia.com>
author: Lars Knoll <lars.knoll@nokia.com> 2012-05-12 12:09:35 +0200
committer: Qt by Nokia <qt-info@nokia.com> 2012-05-16 04:25:11 +0200
commit: 1756a84756807a9849aa507e77845dfdf31b8020 (patch)
tree: 0ed4ff43ba687440a6a2c2a52da183f752465f51 /src/corelib/json/qjsonparser_p.h
parent: d5000e82e3d17532b76d5a69fd35ac4e8f3b9d18 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/corelib/json/qjsonparser_p.h b/src/corelib/json/qjsonparser_p.h
index 8085edb2e0..2025f43e38 100644
--- a/src/corelib/json/qjsonparser_p.h
+++ b/src/corelib/json/qjsonparser_p.h
@@ -75,7 +75,7 @@ public:
 
         Parser *parser;
         int objectPosition;
-        QVarLengthArray<uint> offsets;
+        QVarLengthArray<uint, 64> offsets;
 
         inline QJsonPrivate::Entry *entryAt(int i) const {
             return reinterpret_cast<QJsonPrivate::Entry *>(parser->data + objectPosition + offsets[i]);
@@ -101,6 +101,7 @@ private:
     char *data;
     int dataLength;
     int current;
+    int nestingLevel;
     QJsonParseError::ParseError lastError;
 
     inline int reserveSpace(int space) {
author	Lars Knoll <lars.knoll@nokia.com>	2012-05-12 12:09:35 +0200
committer	Qt by Nokia <qt-info@nokia.com>	2012-05-16 04:25:11 +0200
commit	1756a84756807a9849aa507e77845dfdf31b8020 (patch)
tree	0ed4ff43ba687440a6a2c2a52da183f752465f51 /src/corelib/json/qjsonparser_p.h
parent	d5000e82e3d17532b76d5a69fd35ac4e8f3b9d18 (diff)