mirror of
https://github.com/fankes/JSON-java-compat.git
synced 2025-09-08 11:34:43 +08:00
fix: limit the nesting depth
This commit is contained in:
Cleydyr de Albuquerque
@@ -232,7 +232,7 @@ public class XML {
|
||||
* @return true if the close tag is processed.
|
||||
* @throws JSONException
|
||||
*/
|
||||
private static boolean parse(XMLTokener x, JSONObject context, String name, XMLParserConfiguration config)
|
||||
private static boolean parse(XMLTokener x, JSONObject context, String name, XMLParserConfiguration config, int currentNestingDepth)
|
||||
throws JSONException {
|
||||
char c;
|
||||
int i;
|
||||
@@ -402,7 +402,11 @@ public class XML {
|
||||
|
||||
} else if (token == LT) {
|
||||
// Nested element
|
||||
if (parse(x, jsonObject, tagName, config)) {
|
||||
if (currentNestingDepth == config.getMaxNestingDepth()) {
|
||||
throw x.syntaxError("Maximum nesting depth of " + config.getMaxNestingDepth() + " reached");
|
||||
}
|
||||
|
||||
if (parse(x, jsonObject, tagName, config, currentNestingDepth + 1)) {
|
||||
if (config.getForceList().contains(tagName)) {
|
||||
// Force the value to be an array
|
||||
if (jsonObject.length() == 0) {
|
||||
@@ -644,6 +648,10 @@ public class XML {
|
||||
* All values are converted as strings, for 1, 01, 29.0 will not be coerced to
|
||||
* numbers but will instead be the exact value as seen in the XML document.
|
||||
*
|
||||
* This method can parse documents with a maximum nesting depth of 256. If you
|
||||
* need to parse documents with a nesting depth greater than 256, you should use
|
||||
*
|
||||
*
|
||||
* @param reader The XML source reader.
|
||||
* @param config Configuration options for the parser
|
||||
* @return A JSONObject containing the structured data from the XML string.
|
||||
@@ -655,7 +663,7 @@ public class XML {
|
||||
while (x.more()) {
|
||||
x.skipPast("<");
|
||||
if(x.more()) {
|
||||
parse(x, jo, null, config);
|
||||
parse(x, jo, null, config, 0);
|
||||
}
|
||||
}
|
||||
return jo;
|
||||
|
||||
Reference in New Issue
Block a user