Skip to content

Commit 5cc0e39

Browse files
authored
Fix: add depth check to prevent stack overflow in cJSON_Print (#984)
1 parent a29814f commit 5cc0e39

1 file changed

Lines changed: 10 additions & 0 deletions

File tree

cJSON.c

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1598,6 +1598,11 @@ static cJSON_bool print_array(const cJSON * const item, printbuffer * const outp
15981598
return false;
15991599
}
16001600

1601+
if (output_buffer->depth >= CJSON_NESTING_LIMIT)
1602+
{
1603+
return false; /* nesting is too deep */
1604+
}
1605+
16011606
/* Compose the output array. */
16021607
/* opening square bracket */
16031608
output_pointer = ensure(output_buffer, 1);
@@ -1778,6 +1783,11 @@ static cJSON_bool print_object(const cJSON * const item, printbuffer * const out
17781783
return false;
17791784
}
17801785

1786+
if (output_buffer->depth >= CJSON_NESTING_LIMIT)
1787+
{
1788+
return false; /* nesting is too deep */
1789+
}
1790+
17811791
/* Compose the output: */
17821792
length = (size_t) (output_buffer->format ? 2 : 1); /* fmt: {\n */
17831793
output_pointer = ensure(output_buffer, length + 1);

0 commit comments

Comments
 (0)