generic-library/jsoncpp
1
0
Fork 0
mirror of https://github.com/open-source-parsers/jsoncpp.git synced 2025-10-15 23:20:05 +02:00
Code Issues Projects Releases Wiki Activity

fix security hole for string-key-lengths > 2^30

Browse Source
This commit is contained in:
Christopher Dunn
2015-03-02 23:42:12 -06:00
parent 585b267595
commit 2d653bd15d
2 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/lib_json/json_reader.cpp
View File

@@ -1430,6 +1430,7 @@ bool OurReader::readObject(Token& tokenStart) {
return addErrorAndRecover(
"Missing ':' after object member name", colon, tokenObjectEnd);
}
if (name.length() >= (1U<<30)) throw std::runtime_error("keylength >= 2^30");
Value& value = currentValue()[name];
nodes_.push(&value);
bool ok = readValue();