[Git][java-team/libjettison-java][upstream] New upstream version 1.5.4
Tony Mancill (@tmancill)
gitlab at salsa.debian.org
Sun Jun 11 23:58:53 BST 2023
Tony Mancill pushed to branch upstream at Debian Java Maintainers / libjettison-java
Commits:
798881a2 by tony mancill at 2023-06-11T15:35:52-07:00
New upstream version 1.5.4
- - - - -
3 changed files:
- pom.xml
- src/main/java/org/codehaus/jettison/json/JSONArray.java
- src/test/java/org/codehaus/jettison/json/JSONArrayTest.java
Changes:
=====================================
pom.xml
=====================================
@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.codehaus.jettison</groupId>
<artifactId>jettison</artifactId>
- <version>1.5.3</version>
+ <version>1.5.4</version>
<packaging>bundle</packaging>
<name>Jettison</name>
<description>A StAX implementation for JSON.</description>
@@ -31,7 +31,7 @@
<connection>scm:git:http://github.com/jettison-json/jettison.git</connection>
<developerConnection>scm:git:https://github.com/jettison-json/jettison.git</developerConnection>
<url>https://github.com/jettison-json/jettison</url>
- <tag>jettison-1.5.3</tag>
+ <tag>jettison-1.5.4</tag>
</scm>
<distributionManagement>
<snapshotRepository>
=====================================
src/main/java/org/codehaus/jettison/json/JSONArray.java
=====================================
@@ -182,22 +182,30 @@ public class JSONArray implements Serializable {
* @throws JSONException If there is a syntax error.
*/
public JSONArray(Collection collection) throws JSONException {
+ this(collection, 0);
+ }
+
+ private JSONArray(Collection collection, int recursionDepth) throws JSONException {
+ if (recursionDepth > JSONObject.getGlobalRecursionDepthLimit()) {
+ throw new JSONException("JSONArray has reached recursion depth limit of "
+ + JSONObject.getGlobalRecursionDepthLimit());
+ }
+
this.myArrayList = (collection == null) ?
new ArrayList() :
new ArrayList(collection);
// ensure a pure hierarchy of JSONObjects and JSONArrays
for (ListIterator iter = myArrayList.listIterator(); iter.hasNext();) {
- Object e = iter.next();
- if (e instanceof Collection) {
- iter.set(new JSONArray((Collection) e));
- }
- if (e instanceof Map) {
- iter.set(new JSONObject((Map) e));
- }
- }
+ Object e = iter.next();
+ if (e instanceof Collection) {
+ iter.set(new JSONArray((Collection) e, recursionDepth + 1));
+ }
+ if (e instanceof Map) {
+ iter.set(new JSONObject((Map) e));
+ }
+ }
}
-
/**
* Get the object value associated with an index.
* @param index
=====================================
src/test/java/org/codehaus/jettison/json/JSONArrayTest.java
=====================================
@@ -2,6 +2,9 @@ package org.codehaus.jettison.json;
import junit.framework.TestCase;
+import java.util.ArrayList;
+import java.util.List;
+
public class JSONArrayTest extends TestCase {
public void testInvalidArraySequence() throws Exception {
try {
@@ -67,6 +70,18 @@ public class JSONArrayTest extends TestCase {
public void testIssue52() throws JSONException {
JSONObject.setGlobalRecursionDepthLimit(10);
new JSONArray("[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {a:10}]");
+ JSONObject.setGlobalRecursionDepthLimit(500);
+ }
+
+ // https://github.com/jettison-json/jettison/issues/60
+ public void testIssue60() throws JSONException {
+ List<Object> list = new ArrayList<>();
+ list.add(list);
+ try {
+ new JSONArray(list);
+ } catch (JSONException ex) {
+ assertEquals(ex.getMessage(), "JSONArray has reached recursion depth limit of 500");
+ }
}
}
View it on GitLab: https://salsa.debian.org/java-team/libjettison-java/-/commit/798881a27ffd3f6b8e2992a2f1ad645308f64083
--
View it on GitLab: https://salsa.debian.org/java-team/libjettison-java/-/commit/798881a27ffd3f6b8e2992a2f1ad645308f64083
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-commits/attachments/20230611/bdfc9869/attachment.htm>
More information about the pkg-java-commits
mailing list