Bug #1225: json2dcm readValue JSON SQ unbounded recursion - DCMTK - OFFIS DCMTK and DICOM Projects

Actions

Copy link

Bug #1225

closed

json2dcm readValue JSON SQ unbounded recursion

Added by Marco Eichelberg 3 days ago. Updated about 4 hours ago.

Status:

Closed

Priority:

Normal

Assignee:

Marco Eichelberg

Category:

Library and Apps

Target version:

Start date:

2026-06-16

Due date:

% Done:

100%

Estimated time:

1:00 h

Module:

dcmdata

Operating System:

Compiler:

Description

DcmJsonReaderBase::readValue() recurses via DcmJsonReaderBase::parseSequence() on SQ JSON value items with no depth check. At 15,000 nesting levels the 8 MB default stack is exhausted.

Files

poc_008_deep.json (513 KB) poc_008_deep.json

PoC file that causes a segmentation fault when processed with json2dcm

Marco Eichelberg, 2026-06-16 18:22

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

DCMTK

Bug #1225

json2dcm readValue JSON SQ unbounded recursion

Updated by Marco Eichelberg 3 days ago

Updated by Marco Eichelberg 3 days ago

Updated by Marco Eichelberg 2 days ago

Updated by Marco Eichelberg about 4 hours ago