diff --git a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java index 3779c37a31..7799d93fa0 100644 --- a/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java +++ b/modules/swagger-parser-v3/src/main/java/io/swagger/v3/parser/util/DeserializationUtils.java @@ -40,7 +40,7 @@ public static class Options { private Long maxYamlReferences = System.getProperty("maxYamlReferences") == null ? 10000000L : Long.valueOf(System.getProperty("maxYamlReferences")); private boolean validateYamlInput = System.getProperty("validateYamlInput") == null ? true : Boolean.valueOf(System.getProperty("validateYamlInput")); private boolean yamlCycleCheck = System.getProperty("yamlCycleCheck") == null ? true : Boolean.valueOf(System.getProperty("yamlCycleCheck")); - + private Integer maxYamlCodePoints = System.getProperty("maxYamlCodePoints") == null ? 3 * 1024 * 1024 : Integer.valueOf(System.getProperty("maxYamlCodePoints")); private Integer maxYamlAliasesForCollections = System.getProperty("maxYamlAliasesForCollections") == null ? Integer.MAX_VALUE : Integer.valueOf(System.getProperty("maxYamlAliasesForCollections")); private boolean yamlAllowRecursiveKeys = System.getProperty("yamlAllowRecursiveKeys") == null ? true : Boolean.valueOf(System.getProperty("yamlAllowRecursiveKeys")); @@ -74,6 +74,8 @@ public boolean isYamlCycleCheck() { return yamlCycleCheck; } + public Integer getMaxYamlCodePoints() { return maxYamlCodePoints; } + public void setYamlCycleCheck(boolean yamlCycleCheck) { this.yamlCycleCheck = yamlCycleCheck; } @@ -261,6 +263,8 @@ public static org.yaml.snakeyaml.Yaml buildSnakeYaml(BaseConstructor constructor method.invoke(loaderOptions, options.isYamlAllowRecursiveKeys()); method = LoaderOptions.class.getMethod("setAllowDuplicateKeys", boolean.class); method.invoke(loaderOptions, false); + method = LoaderOptions.class.getMethod("setCodePointLimit", int.class); + method.invoke(loaderOptions, options.getMaxYamlCodePoints()); org.yaml.snakeyaml.Yaml yaml = new org.yaml.snakeyaml.Yaml(constructor, new Representer(), new DumperOptions(), loaderOptions, new CustomResolver()); return yaml; } catch (ReflectiveOperationException e) {