Auto merge of #1313 - bitcartel:zc.v0.11.2.z9_1122, r=ebfull

Fixes #1122 where json_spirit could stack overflow

See #1122 for details.

src/Makefile.gtest.include

@@ -5,6 +5,7 @@ bin_PROGRAMS += zcash-gtest
 zcash_gtest_SOURCES = \
 	gtest/main.cpp \
 	gtest/json_test_vectors.cpp \
+	gtest/test_jsonspirit.cpp \
 	gtest/test_tautology.cpp \
 	gtest/test_checktransaction.cpp \
 	gtest/test_equihash.cpp \

src/gtest/test_jsonspirit.cpp

@@ -0,0 +1,17 @@
+#include <gtest/gtest.h>
+
+#include "json/json_spirit_reader_template.h"
+
+using namespace json_spirit;
+
+// This test checks if we have fixed a stack overflow problem with json_spirit.
+// It was possible to try and create an unlimited number of nested compound elements.
+// Without the fix in json_spirit_reader_template.h, this test will segfault.
+TEST(json_spirit_tests, nested_input_segfault) {
+    std::vector<char> v (100000);
+    std::fill (v.begin(),v.end(), '[');
+    std::string s(v.begin(), v.end());
+    Value value;
+    bool b = json_spirit::read_string(s, value);
+    ASSERT_FALSE(b);
+}

src/json/json_spirit_reader_template.h

@@ -308,6 +308,12 @@ namespace json_spirit
             }
             else
             {
+                // ZCASH: Prevent potential stack overflow by setting a limit on the number of nested compound elements
+                if (stack_.size() > 128) {
+                    throw std::domain_error("too many nested elements");
+                }
+                // ENDZCASH
+
                 stack_.push_back( current_p_ );
 
                 Array_or_obj new_array_or_obj;   // avoid copy by building new array or object in place