json: lower maximum allowed recursion to 2K
Apparently 4K is too high still, let's halve it. Fixes: #14396
This commit is contained in:
parent
b1fce5f618
commit
898820edb5
|
@ -26,11 +26,17 @@
|
|||
#include "user-util.h"
|
||||
#include "utf8.h"
|
||||
|
||||
/* Refuse putting together variants with a larger depth than 4K by default (as a protection against overflowing stacks
|
||||
/* Refuse putting together variants with a larger depth than 2K by default (as a protection against overflowing stacks
|
||||
* if code processes JSON objects recursively. Note that we store the depth in an uint16_t, hence make sure this
|
||||
* remains under 2^16.
|
||||
* The value was 16k, but it was discovered to be too high on llvm/x86-64. See also the issue #10738. */
|
||||
#define DEPTH_MAX (4U*1024U)
|
||||
*
|
||||
* The value first was 16k, but it was discovered to be too high on llvm/x86-64. See also:
|
||||
* https://github.com/systemd/systemd/issues/10738
|
||||
*
|
||||
* The value then was 4k, but it was discovered to be too high on s390x/aarch64. See also:
|
||||
* https://github.com/systemd/systemd/issues/14396 */
|
||||
|
||||
#define DEPTH_MAX (2U*1024U)
|
||||
assert_cc(DEPTH_MAX <= UINT16_MAX);
|
||||
|
||||
typedef struct JsonSource {
|
||||
|
|
Loading…
Reference in New Issue