MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-11 22:40:14 -05:00
Code Issues Packages Projects Releases Wiki Activity

Limit jstream parse depth (#20474)

Browse Source 
Add https://github.com/bcicen/jstream/pull/15 by vendoring the package.

Sets JSON depth limit to 100 entries in S3 Select.
This commit is contained in:
Klaus Post
2024-09-23 12:35:41 -07:00
committed by GitHub
parent 03e996320e
commit 974cbb3bb7
21 changed files with 1484 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/s3select/json/preader.go
View File

@@ -24,7 +24,7 @@ import (
"runtime"
"sync"
"github.com/bcicen/jstream"
"github.com/minio/minio/internal/s3select/jstream"
"github.com/minio/minio/internal/s3select/sql"
)
@@ -185,7 +185,7 @@ func (r *PReader) startReaders() {
dst = make([]jstream.KVS, 0, 1000)
}
d := jstream.NewDecoder(bytes.NewBuffer(in.input), 0).ObjectAsKVS()
d := jstream.NewDecoder(bytes.NewBuffer(in.input), 0).ObjectAsKVS().MaxDepth(100)
stream := d.Stream()
all := dst[:0]
for mv := range stream {