Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow user to override the Code Point Limit required by SnakeYaml #1872

Merged
merged 1 commit into from
Jan 16, 2023

Commits on Jan 14, 2023

  1. Allow user to override the Code Point Limit required by SnakeYaml

    With this patch, a user may set the system property
    'maxYamlCodePoints' in order to override the default 3MiB limit
    configured in the org.yaml.snakeyaml package by default. This limit
    was implemented to prevent certain Denial-of-Service (DOS) attacks,
    but users should be given the opportunity to override this value for
    valid configurations which exceed the limit, such as the Redfish
    OpenAPI specification (developed by DMTF), which weighs in at 4.9MiB.
    
    This patch was tested to work with openapi-generator-cli v6.3.0.
    
    Signed-off-by: Ethan D. Twardy <ethan.twardy@gmail.com>
    AmateurECE committed Jan 14, 2023
    Configuration menu
    Copy the full SHA
    7857bca View commit details
    Browse the repository at this point in the history