diff --git a/.gitignore b/.gitignore index 9682782fa..ee5dbe081 100644 --- a/.gitignore +++ b/.gitignore @@ -11,6 +11,8 @@ /doc/doxyfile /dist/ /.cache/ +/.vs/ +/out/ # MSVC project files: *.sln diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp index 1ac5e81ab..11a18d578 100644 --- a/src/lib_json/json_reader.cpp +++ b/src/lib_json/json_reader.cpp @@ -44,8 +44,16 @@ // Define JSONCPP_DEPRECATED_STACK_LIMIT as an appropriate integer at compile // time to change the stack limit +// NOTE:LEA: reduced JSONCPP_DEPRECATED_STACK_LIMIT from 1000 to 500. This is the stack limit +// of the Reader::nodes_ and not the call stack limit of the system. At 1000, with a +// json file designed to cause stack overflow (as a hacking tool) this would overflow +// the system callstack when the Reader::nodes_ was only at 662 or so +// For Techsmith's purposes, we never have project nodes nested so deeply, so 500 seems +// like a perfectly reasonable limit and should not cause any projects to fail to load. +// Also, when trying to create that deep a nesting by repeated grouping of a media, +// Camtasiaa failed at ~150 levels deep so I could not get anywhere near 500. #if !defined(JSONCPP_DEPRECATED_STACK_LIMIT) -#define JSONCPP_DEPRECATED_STACK_LIMIT 1000 +#define JSONCPP_DEPRECATED_STACK_LIMIT 500 #endif static size_t const stackLimit_g = @@ -601,10 +609,11 @@ bool Reader::decodeDouble(Token& token, Value& decoded) { double value = 0; String buffer(token.start_, token.end_); IStringStream is(buffer); + is.imbue( std::locale::classic() ); if (!(is >> value)) { - if (value == std::numeric_limits::max()) + if (buffer.length() > 0 && buffer[0] != '-') value = std::numeric_limits::infinity(); - else if (value == std::numeric_limits::lowest()) + else if (buffer.length() > 0 && buffer[0] == '-') value = -std::numeric_limits::infinity(); else if (!std::isinf(value)) return addError(