| … | |
… | |
| 393 | given character in a string. |
393 | given character in a string. |
| 394 | |
394 | |
| 395 | Setting the maximum depth to one disallows any nesting, so that ensures |
395 | Setting the maximum depth to one disallows any nesting, so that ensures |
| 396 | that the object is only a single hash/object or array. |
396 | that the object is only a single hash/object or array. |
| 397 | |
397 | |
| 398 | The argument to C<max_depth> will be rounded up to the next nearest power |
398 | The argument to C<max_depth> will be rounded up to the next highest power |
| 399 | of two. |
399 | of two. If no argument is given, the highest possible setting will be |
|
|
400 | used, which is rarely useful. |
|
|
401 | |
|
|
402 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
|
|
403 | |
|
|
404 | =item $json = $json->max_size ([$maximum_string_size]) |
|
|
405 | |
|
|
406 | Set the maximum length a JSON text may have (in bytes) where decoding is |
|
|
407 | being attempted. The default is C<0>, meaning no limit. When C<decode> |
|
|
408 | is called on a string longer then this number of characters it will not |
|
|
409 | attempt to decode the string but throw an exception. This setting has no |
|
|
410 | effect on C<encode> (yet). |
|
|
411 | |
|
|
412 | The argument to C<max_size> will be rounded up to the next B<highest> |
|
|
413 | power of two (so may be more than requested). If no argument is given, the |
|
|
414 | limit check will be deactivated (same as when C<0> is specified). |
| 400 | |
415 | |
| 401 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
416 | See SECURITY CONSIDERATIONS, below, for more info on why this is useful. |
| 402 | |
417 | |
| 403 | =item $json_text = $json->encode ($perl_scalar) |
418 | =item $json_text = $json->encode ($perl_scalar) |
| 404 | |
419 | |
| … | |
… | |
| 752 | Second, you need to avoid resource-starving attacks. That means you should |
767 | Second, you need to avoid resource-starving attacks. That means you should |
| 753 | limit the size of JSON texts you accept, or make sure then when your |
768 | limit the size of JSON texts you accept, or make sure then when your |
| 754 | resources run out, thats just fine (e.g. by using a separate process that |
769 | resources run out, thats just fine (e.g. by using a separate process that |
| 755 | can crash safely). The size of a JSON text in octets or characters is |
770 | can crash safely). The size of a JSON text in octets or characters is |
| 756 | usually a good indication of the size of the resources required to decode |
771 | usually a good indication of the size of the resources required to decode |
| 757 | it into a Perl structure. |
772 | it into a Perl structure. While JSON::XS can check the size of the JSON |
|
|
773 | text, it might be too late when you already have it in memory, so you |
|
|
774 | might want to check the size before you accept the string. |
| 758 | |
775 | |
| 759 | Third, JSON::XS recurses using the C stack when decoding objects and |
776 | Third, JSON::XS recurses using the C stack when decoding objects and |
| 760 | arrays. The C stack is a limited resource: for instance, on my amd64 |
777 | arrays. The C stack is a limited resource: for instance, on my amd64 |
| 761 | machine with 8MB of stack size I can decode around 180k nested arrays but |
778 | machine with 8MB of stack size I can decode around 180k nested arrays but |
| 762 | only 14k nested JSON objects (due to perl itself recursing deeply on croak |
779 | only 14k nested JSON objects (due to perl itself recursing deeply on croak |
