ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-12-06 17:27:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Limit nesting of json commands

Browse Source
This commit is contained in:
Howard Hinnant
2018-01-09 16:26:22 -05:00
committed by Scott Schurr
parent 718d217158
commit 0ec66b3dbc
3 changed files with 66 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
src/test/json/json_value_test.cpp
View File

@@ -24,6 +24,8 @@
#include <ripple/beast/unit_test.h>
#include <ripple/beast/type_name.h>
#include <algorithm>
namespace ripple {
struct json_value_test : beast::unit_test::suite
@@ -249,6 +251,52 @@ struct json_value_test : beast::unit_test::suite
}
}
void test_nest_limits ()
{
Json::Reader r;
{
auto nest = [](std::uint32_t depth)->std::string {
std::string s = "{";
for (std::uint32_t i{1}; i <= depth; ++i)
s += "\"obj\":{";
for (std::uint32_t i{1}; i <= depth; ++i)
s += "}";
s += "}";
return s;
};
{
// Within object nest limit
auto json{nest(std::min(10u, Json::Reader::nest_limit))};
Json::Value j;
BEAST_EXPECT(r.parse(json, j));
}
{
// Exceed object nest limit
auto json{nest(Json::Reader::nest_limit + 1)};
Json::Value j;
BEAST_EXPECT(!r.parse(json, j));
}
}
auto nest = [](std::uint32_t depth)->std::string {
std::string s = "{";
for (std::uint32_t i{1}; i <= depth; ++i)
s += "\"array\":[{";
for (std::uint32_t i{1}; i <= depth; ++i)
s += "]}";
s += "}";
return s;
};
{
// Exceed array nest limit
auto json{nest(Json::Reader::nest_limit + 1)};
Json::Value j;
BEAST_EXPECT(!r.parse(json, j));
}
}
void run ()
{
test_bool ();
@@ -258,6 +306,7 @@ struct json_value_test : beast::unit_test::suite
test_move ();
test_comparisons ();
test_compact ();
test_nest_limits ();
}
};