
hjson-cpp stack exhaustion vulnerability #52

@scacaca

Summary

A DoS vulnerability in hjson-cpp caused by crafted objects with deeply nested structures.

Description

An issue was discovered in the latest hjson-cpp that allows attackers to cause a denial of service or other unspecified impacts via crafted objects with deeply nested structures.
There is a similar vulnerability, but hjson-cpp does not have similar fix logic.
The relevant code is in file1,
e.g. `static Value _readValue(Parser *p)`, `static Value _readObject(Parser *p)`, `static Value _readArray(Parser *p)`

Patch

There is a similar fix logic:
Limit parse depth.
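
The depth-limit mitigation named above, sketched as an added example that is not part of the issue and is not hjson-cpp code. The miniature `Parser`, `DepthGuard`, `readValue`, `readArray` and `parseDepth` are hypothetical stand-ins for the mutually recursive `_readValue`/`_readArray` pattern, and the limit of 64 used in testing is an assumed value.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>

// Hypothetical miniature parser: accepts only nested [ ... ] arrays of
// unsigned integers, enough to show where the depth check belongs.
struct Parser {
    const std::string &text;
    std::size_t pos;
    int depth, maxDepth;  // maxDepth is an assumed limit, sized for the smallest stack in use
};

struct DepthGuard {  // RAII: depth is restored on every exit path, including throws
    Parser &p;
    explicit DepthGuard(Parser &parser) : p(parser) {
        if (p.depth >= p.maxDepth) throw std::length_error("nesting too deep");
        ++p.depth;
    }
    ~DepthGuard() { --p.depth; }
};

static int readValue(Parser &p);

static int readArray(Parser &p) {  // returns the deepest nesting level reached
    DepthGuard guard(p);           // rejects the input before recursing further
    int deepest = p.depth;
    ++p.pos;  // consume '['
    while (p.pos < p.text.size() && p.text[p.pos] != ']') {
        int d = readValue(p);
        if (d > deepest) deepest = d;
        if (p.pos < p.text.size() && p.text[p.pos] == ',') ++p.pos;
    }
    if (p.pos >= p.text.size()) throw std::runtime_error("unterminated array");
    ++p.pos;  // consume ']'
    return deepest;
}

static int readValue(Parser &p) {
    if (p.pos < p.text.size() && p.text[p.pos] == '[') return readArray(p);
    std::size_t start = p.pos;
    while (p.pos < p.text.size() && p.text[p.pos] >= '0' && p.text[p.pos] <= '9') ++p.pos;
    if (p.pos == start) throw std::runtime_error("expected a value");
    return p.depth;
}

int parseDepth(const std::string &text, int maxDepth) {  // -1 means rejected
    Parser p{text, 0, 0, maxDepth};
    try { int d = readValue(p); return p.pos == text.size() ? d : -1; }
    catch (const std::exception &) { return -1; }
}
```

With the guard in place, stack use is bounded by `maxDepth` frames regardless of input size, so an input of 100000 opening brackets is rejected after 64 levels instead of recursing until the stack overflows.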
