hjson-js stack exhaustion vulnerability

[scacaca]

Summary

A DOS vulnerability in hjson-js caused by crafted objects that deeply nested structures.

Description

An issue was discovered in the latest hjson-js allows attackers to cause a denial of service or other unspecified impacts via crafted objects that deeply nested structures. there is a similar vulnerable,but hjson-js has not similar fix logic. The relevent code in file1 Eg. function array(),function value(),function object()

Patch

there is a similar fix logic

Thanks

Thanks to YangChao Liu ([email protected])