fix QJsonDocument map/hash recursion and limit it

Signed-off-by: Ivailo Monev <xakepa10@gmail.com>

CMakeLists.txt

@@ -212,8 +212,8 @@ set_package_properties(ZSTD PROPERTIES
     TYPE REQUIRED
 )
 
-# v2.6+ required for JSON_ALLOW_NUL
-find_package(Jansson 2.6)
+# v2.8+ required for JSON_PARSER_MAX_DEPTH
+find_package(Jansson 2.8)
 set_package_properties(Jansson PROPERTIES
     PURPOSE "Required for JSON support"
     DESCRIPTION "C library for encoding, decoding and manipulating JSON data"

src/core/tools/qjsondocument.cpp

@@ -33,7 +33,7 @@ public:
     QJsonDocumentPrivate() : ref(1) { }
 
     QVariantMap jsonToMap(const QByteArray &jsondata);
-    QByteArray mapToJson(const QVariantMap &jsonmap);
+    void mapToJson(const QVariantMap &jsonmap, json_t *jroot, quint16 jdepth);
 
     QAtomicInt ref;
     QByteArray json;
@@ -155,18 +155,16 @@ QVariantMap QJsonDocumentPrivate::jsonToMap(const QByteArray &jsondata)
     return result;
 }
 
-QByteArray QJsonDocumentPrivate::mapToJson(const QVariantMap &jsonmap)
+void QJsonDocumentPrivate::mapToJson(const QVariantMap &jsonmap, json_t *jroot, quint16 jdepth)
 {
-    QByteArray result;
-
     if (jsonmap.isEmpty()) {
         error = QCoreApplication::translate("QJsonDocument", "Data map is empty");
-        return result;
+        return;
+    } else if (jdepth >= JSON_PARSER_MAX_DEPTH) {
+        error = QCoreApplication::translate("QJsonDocument", "Maximum depth reached");
+        return;
     }
 
-    static const size_t jflags = JSON_SORT_KEYS | JSON_INDENT(4);
-    json_t *jroot = json_object();
-
     foreach(const QString &key, jsonmap.keys()) {
         const QVariant value = jsonmap.value(key);
         const QByteArray bytearraykey = key.toUtf8();
@@ -213,7 +211,11 @@ QByteArray QJsonDocumentPrivate::mapToJson(const QVariantMap &jsonmap)
             }
             case QVariant::Hash:
             case QVariant::Map: {
-                result += mapToJson(value.toMap());
+                jdepth++;
+                json_t *jrootn = json_object();
+                mapToJson(value.toMap(), jrootn, jdepth);
+                json_object_set_new_nocheck(jroot, bytearraykey.constData(), jrootn);
+                jdepth--;
                 break;
             }
             default: {
@@ -223,12 +225,7 @@ QByteArray QJsonDocumentPrivate::mapToJson(const QVariantMap &jsonmap)
         }
     }
 
-    result += json_dumps(jroot, jflags);
-    json_decref(jroot);
-
-    // qDebug() << "converted" << jsonmap << "to" << result;
-
-    return result;
+    // qDebug() << "converted" << jsonmap << "to" << json_dumps(jroot, 0);
 }
 
 QJsonDocument::QJsonDocument()
@@ -273,9 +270,14 @@ QJsonDocument &QJsonDocument::operator =(const QJsonDocument &other)
  */
 QJsonDocument QJsonDocument::fromVariant(const QVariant &variant)
 {
+    static const size_t jflags = JSON_SORT_KEYS | JSON_INDENT(4);
+
     QScopedPointer<QJsonDocumentPrivate> d(new QJsonDocumentPrivate());
     d->map = variant.toMap();
-    d->json = d->mapToJson(d->map);
+    json_t *jroot = json_object();
+    d->mapToJson(d->map, jroot, 1);
+    d->json = json_dumps(jroot, jflags);
+    json_decref(jroot);
 
     QJsonDocument jd;
     if (Q_UNLIKELY(!d->error.isEmpty())) {

translations/qt.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-03-02 04:17+0200\n"
+"POT-Creation-Date: 2021-03-18 12:01+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -349,7 +349,7 @@ msgctxt "QJsonDocument"
 msgid "Unknown JSON type in array"
 msgstr ""
 
-#: src/core/tools/qjsondocument.cpp:138 src/core/tools/qjsondocument.cpp:220
+#: src/core/tools/qjsondocument.cpp:138 src/core/tools/qjsondocument.cpp:222
 msgctxt "QJsonDocument"
 msgid "Unknown JSON type"
 msgstr ""
@@ -359,11 +359,16 @@ msgctxt "QJsonDocument"
 msgid "Rootless array/values are not supported"
 msgstr ""
 
-#: src/core/tools/qjsondocument.cpp:163
+#: src/core/tools/qjsondocument.cpp:161
 msgctxt "QJsonDocument"
 msgid "Data map is empty"
 msgstr ""
 
+#: src/core/tools/qjsondocument.cpp:164
+msgctxt "QJsonDocument"
+msgid "Maximum depth reached"
+msgstr ""
+
 #: src/declarative/graphicsitems/qdeclarativeitemsmodule.cpp:83
 msgctxt "QDeclarativeAnimatedImage"
 msgid "Katie was built without support for QMovie"
@@ -1018,60 +1023,60 @@ msgctxt "QDeclarativeParser"
 msgid "Expected token `%1'"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:520
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:643
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:697
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:516
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:639
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:693
 msgctxt "QDeclarativeParser"
 msgid "Illegal unicode escape sequence"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:557
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:553
 msgctxt "QDeclarativeParser"
 msgid "Illegal character"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:571
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:567
 msgctxt "QDeclarativeParser"
 msgid "Unclosed string at end of line"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:597
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:593
 msgctxt "QDeclarativeParser"
 msgid "Illegal escape sequence"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:669
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:665
 msgctxt "QDeclarativeParser"
 msgid "Unclosed comment at end of file"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:771
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:767
 msgctxt "QDeclarativeParser"
 msgid "Illegal syntax for exponential number"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:797
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:793
 msgctxt "QDeclarativeParser"
 msgid "Identifier cannot start with numeric literal"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1135
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1131
 msgctxt "QDeclarativeParser"
 msgid "Unterminated regular expression literal"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1150
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1146
 msgctxt "QDeclarativeParser"
 msgid "Invalid regular expression flag '%0'"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1166
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1188
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1162
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1184
 msgctxt "QDeclarativeParser"
 msgid "Unterminated regular expression backslash sequence"
 msgstr ""
 
-#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1201
+#: src/declarative/qml/parser/qdeclarativejslexer.cpp:1197
 msgctxt "QDeclarativeParser"
 msgid "Unterminated regular expression class"
 msgstr ""
@@ -1866,32 +1871,32 @@ msgstr ""
 msgid "&OK"
 msgstr ""
 
-#: src/gui/image/qimagereader.cpp:463
+#: src/gui/image/qimagereader.cpp:457
 msgctxt "QImageReader"
 msgid "Invalid device"
 msgstr ""
 
-#: src/gui/image/qimagereader.cpp:490
+#: src/gui/image/qimagereader.cpp:484
 msgctxt "QImageReader"
 msgid "File not found"
 msgstr ""
 
-#: src/gui/image/qimagereader.cpp:499
+#: src/gui/image/qimagereader.cpp:493
 msgctxt "QImageReader"
 msgid "Unsupported image format"
 msgstr ""
 
-#: src/gui/image/qimagereader.cpp:1031
+#: src/gui/image/qimagereader.cpp:990
 msgctxt "QImageReader"
 msgid "Unable to read image data"
 msgstr ""
 
-#: src/gui/image/qimagereader.cpp:1222
+#: src/gui/image/qimagereader.cpp:1181
 msgctxt "QImageReader"
 msgid "Unknown error"
 msgstr ""
 
-#: src/gui/widgets/qtabbar.cpp:2179
+#: src/gui/widgets/qtabbar.cpp:2176
 msgid "Close Tab"
 msgstr ""
 

translations/qt_tools.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-03-02 04:17+0200\n"
+"POT-Creation-Date: 2021-03-18 12:01+0200\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"