DaveGamble/cJSON
1
0
Fork 0
mirror of https://github.com/DaveGamble/cJSON.git synced 2026-06-06 05:14:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added max recusrion depth for cJSONDuplicate to prevent stack exhaustion in case of circular reference

Browse Source
This commit is contained in:
Nicolas Badoux
2024-08-30 13:36:22 +02:00
committed by Alan Wang
parent 078c4e6c53
commit 9d1b229086
3 changed files with 35 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cJSON.c
+11 -1
View File
@@ -2737,7 +2737,14 @@ CJSON_PUBLIC(cJSON *) cJSON_CreateStringArray(const char *const *strings, int co
}
/* Duplication */
cJSON * cJSON_Duplicate_rec(const cJSON *item, size_t depth, cJSON_bool recurse);
CJSON_PUBLIC(cJSON *) cJSON_Duplicate(const cJSON *item, cJSON_bool recurse)
{
return cJSON_Duplicate_rec(item, 0, recurse );
}
cJSON * cJSON_Duplicate_rec(const cJSON *item, size_t depth, cJSON_bool recurse)
{
cJSON *newitem = NULL;
cJSON *child = NULL;
@@ -2784,7 +2791,10 @@ CJSON_PUBLIC(cJSON *) cJSON_Duplicate(const cJSON *item, cJSON_bool recurse)
child = item->child;
while (child != NULL)
{
newchild = cJSON_Duplicate(child, true); /* Duplicate (with recurse) each item in the ->next chain */
if(depth >= CJSON_CIRCULAR_LIMIT) {
goto fail;
}
newchild = cJSON_Duplicate_rec(child, ++depth, true); /* Duplicate (with recurse) each item in the ->next chain */
if (!newchild)
{
goto fail;