From f7a295dc9dd986ca824e9c4b1dbc2eaec7a5a128 Mon Sep 17 00:00:00 2001 From: fengzero Date: Thu, 2 Jul 2026 09:03:27 +0000 Subject: [PATCH] check array length --- plugins/ekuiper/plugin_ekuiper.c | 3 +++ src/utils/json.c | 8 ++++++++ 2 files changed, 11 insertions(+) diff --git a/plugins/ekuiper/plugin_ekuiper.c b/plugins/ekuiper/plugin_ekuiper.c index 582f0144e..dca6ec5f5 100644 --- a/plugins/ekuiper/plugin_ekuiper.c +++ b/plugins/ekuiper/plugin_ekuiper.c @@ -30,6 +30,7 @@ #include "read_write.h" #define EKUIPER_PLUGIN_URL "tcp://127.0.0.1:7081" +#define EKUIPER_PLUGIN_RECV_MAX_SIZE (4 * 1024 * 1024) const neu_plugin_module_t neu_plugin_module; @@ -149,6 +150,8 @@ static inline int start(neu_plugin_t *plugin, const char *url) nng_pipe_notify(plugin->sock, NNG_PIPE_EV_REM_POST, pipe_rm_cb, plugin); nng_socket_set_int(plugin->sock, NNG_OPT_SENDBUF, 2048); nng_socket_set_int(plugin->sock, NNG_OPT_RECVBUF, 2048); + nng_socket_set_size(plugin->sock, NNG_OPT_RECVMAXSZ, + EKUIPER_PLUGIN_RECV_MAX_SIZE); if ((rv = nng_listen(plugin->sock, url, NULL, 0)) != 0) { plog_error(plugin, "nng_listen: %s", nng_strerror(rv)); diff --git a/src/utils/json.c b/src/utils/json.c index 52138d2c8..eb709e38a 100644 --- a/src/utils/json.c +++ b/src/utils/json.c @@ -18,6 +18,7 @@ **/ #include +#include #include #include @@ -544,6 +545,13 @@ static int decode_object(json_t *root, neu_json_elem_t *ele) } } + if (json_is_array(ob) && json_array_size(ob) > UINT16_MAX) { + ele->ok = false; + zlog_error(neuron, "json decode: array too long (%zu elements)", + json_array_size(ob)); + return -1; + } + ele->ok = true; switch (ele->t) {