Calling JsonPointer.compile(...)
on very deeply nested expression throws StackOverflowError
#818
Milestone
JsonPointer.compile(...)
on very deeply nested expression throws StackOverflowError
#818
(note: found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51806)
When trying to compile
JsonPointer
expressions with thousands (on my machine 6000 or more) of path segments, aStackOverflowError
is thrown as parser uses simple recursive technique. This should be prevented by, for example:Note: this does not appear like something straight-forward to use by malicious actors since
JsonPointer
instances are not typically read from untrusted contents. Although as with anything else there may be specific individual cases where this could be a vector.The text was updated successfully, but these errors were encountered: