Google Git
Sign in
chromium/external/github.com/open-source-parsers/jsoncpp/715735abbe29ee973049b34a7b6336b93d321284^!/.
commit
715735abbe29ee973049b34a7b6336b93d321284
[log]
author
Jordan Bayles <bayles.jordan@gmail.com>
Sun Mar 15 20:57:22 2026
committer
GitHub <noreply@github.com>
Sun Mar 15 20:57:22 2026
tree
2f08dfda495fc1618b786f1bf1a615e60f4225be
parent
dbd0850e9ac2b18b91fa5588b1243bbc0eb037c6 [diff]
Change stack depth limit to 256 (#1657)

* Change stack depth limit to 256

* run clang format
diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
index 265b030..0697132 100644
--- a/src/lib_json/json_reader.cpp
+++ b/src/lib_json/json_reader.cpp

@@ -39,7 +39,7 @@
 // Define JSONCPP_DEPRECATED_STACK_LIMIT as an appropriate integer at compile
 // time to change the stack limit
 #if !defined(JSONCPP_DEPRECATED_STACK_LIMIT)
-#define JSONCPP_DEPRECATED_STACK_LIMIT 1000
+#define JSONCPP_DEPRECATED_STACK_LIMIT 256
 #endif
 
 static size_t const stackLimit_g =
@@ -1932,7 +1932,7 @@
   (*settings)["allowDroppedNullPlaceholders"] = false;
   (*settings)["allowNumericKeys"] = false;
   (*settings)["allowSingleQuotes"] = false;
-  (*settings)["stackLimit"] = 1000;
+  (*settings)["stackLimit"] = 256;
   (*settings)["failIfExtra"] = true;
   (*settings)["rejectDupKeys"] = true;
   (*settings)["allowSpecialFloats"] = false;
@@ -1949,7 +1949,7 @@
   (*settings)["allowDroppedNullPlaceholders"] = false;
   (*settings)["allowNumericKeys"] = false;
   (*settings)["allowSingleQuotes"] = false;
-  (*settings)["stackLimit"] = 1000;
+  (*settings)["stackLimit"] = 256;
   (*settings)["failIfExtra"] = false;
   (*settings)["rejectDupKeys"] = false;
   (*settings)["allowSpecialFloats"] = false;
@@ -1965,7 +1965,7 @@
   (*settings)["allowDroppedNullPlaceholders"] = false;
   (*settings)["allowNumericKeys"] = false;
   (*settings)["allowSingleQuotes"] = false;
-  (*settings)["stackLimit"] = 1000;
+  (*settings)["stackLimit"] = 256;
   (*settings)["failIfExtra"] = true;
   (*settings)["rejectDupKeys"] = false;
   (*settings)["allowSpecialFloats"] = false;

diff --git a/src/test_lib_json/main.cpp b/src/test_lib_json/main.cpp
index 5d5b971..f19ca2f 100644
--- a/src/test_lib_json/main.cpp
+++ b/src/test_lib_json/main.cpp

@@ -3355,6 +3355,16 @@
     JSONTEST_ASSERT_THROWS(
         reader->parse(doc, doc + std::strlen(doc), &root, &errs));
   }
+  // Default stack limit should reject deeply nested input (regression test for
+  // stack exhaustion from fuzz input like [[[[...]]]])
+  {
+    Json::CharReaderBuilder defaultBuilder;
+    Json::String nested(300, '[');
+    CharReaderPtr reader(defaultBuilder.newCharReader());
+    Json::String errs;
+    JSONTEST_ASSERT_THROWS(reader->parse(
+        nested.data(), nested.data() + nested.size(), &root, &errs));
+  }
 
 #endif // JSON_USE_EXCEPTION
 }