From d7de28f955f72f14abfa2a637e0e1c59e80ee0d8 Mon Sep 17 00:00:00 2001 From: Even Rouault Date: Sun, 5 Jul 2026 17:43:52 +0200 Subject: [PATCH] CQL2JSONParse(): limit parsing depth Fixes #7542 --- src/cql2json.cpp | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/src/cql2json.cpp b/src/cql2json.cpp index 25842f0b81..7634643ec5 100644 --- a/src/cql2json.cpp +++ b/src/cql2json.cpp @@ -17,6 +17,8 @@ #include "third-party/include_nlohmann_json.hpp" +#include + using json = nlohmann::json; static std::unique_ptr ParseOperator(const json &j, @@ -295,8 +297,23 @@ static std::unique_ptr ParseOperator(const json &j, std::unique_ptr CQL2JSONParse(const char *pszInput, std::string &errorMsg) { + struct ParsingException : public std::exception { + std::string msg{}; + ParsingException(const std::string &s) : msg(s) {} + + const char *what() const noexcept override { return msg.c_str(); } + }; + try { - return ParseOperator(json::parse(pszInput), errorMsg); + return ParseOperator( + json::parse(pszInput, + [](int depth, json::parse_event_t, json &) { + if (depth >= 256) + throw ParsingException( + "Too deep nesting in JSON content"); + return true; + }), + errorMsg); } catch (const std::exception &e) { errorMsg = "Exception while parsing CQL2 JSON: "; errorMsg += e.what();