fankes/JSON-java-compat
2
0
Fork 0
mirror of https://github.com/fankes/JSON-java-compat.git synced 2025-09-08 11:34:43 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Resolving issue #743

Browse Source 
- Recursive depth issue found in JSONObject
- Recursive depth issue found in JSONArray
This commit is contained in:
sk02241994
2023-11-03 19:54:23 +05:30
parent 6dba7220e1
commit 6d811607dd
4 changed files with 83 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/main/java/org/json/JSONObject.java
View File

@@ -147,6 +147,7 @@ public class JSONObject {
* The map where the JSONObject's properties are kept.
*/
private final Map<String, Object> map;
public static final int RECURSION_DEPTH_LIMIT = 1000;
public Class<? extends Map> getMapType() {
return map.getClass();
@@ -276,6 +277,17 @@ public class JSONObject {
* If a key in the map is <code>null</code>
*/
public JSONObject(Map<?, ?> m) {
this(m, 0);
}
/**
* Construct a JSONObject from a map with recursion depth.
*
*/
protected JSONObject(Map<?, ?> m, int recursionDepth) {
if (recursionDepth > RECURSION_DEPTH_LIMIT) {
throw new JSONException("JSONObject has reached recursion depth limit of " + RECURSION_DEPTH_LIMIT);
}
if (m == null) {
this.map = new HashMap<String, Object>();
} else {
@@ -287,7 +299,7 @@ public class JSONObject {
final Object value = e.getValue();
if (value != null) {
testValidity(value);
this.map.put(String.valueOf(e.getKey()), wrap(value));
this.map.put(String.valueOf(e.getKey()), wrap(value, recursionDepth + 1));
}
}
}
@@ -2566,7 +2578,15 @@ public class JSONObject {
return wrap(object, null);
}
public static Object wrap(Object object, int recursionDepth) {
return wrap(object, null, recursionDepth);
}
private static Object wrap(Object object, Set<Object> objectsRecord) {
return wrap(object, objectsRecord, 0);
}
private static Object wrap(Object object, Set<Object> objectsRecord, int recursionDepth) {
try {
if (NULL.equals(object)) {
return NULL;
@@ -2584,14 +2604,14 @@ public class JSONObject {
if (object instanceof Collection) {
Collection<?> coll = (Collection<?>) object;
return new JSONArray(coll);
return new JSONArray(coll, recursionDepth);
}
if (object.getClass().isArray()) {
return new JSONArray(object);
}
if (object instanceof Map) {
Map<?, ?> map = (Map<?, ?>) object;
return new JSONObject(map);
return new JSONObject(map, recursionDepth);
}
Package objectPackage = object.getClass().getPackage();
String objectPackageName = objectPackage != null ? objectPackage