This is closely related to #1583. If a schema does not support an arbitrarily deep JSON encoding, a stack overflow can still be induced via a malicious payload if the protojson.UnmarshalOptions.DiscardUnknown field is true. This is because the code to discard unknown fields is recursive. It should instead use iteration with a slice to model the stack of open objects and arrays, so it can safely discard JSON of arbitrary complexity.
This is closely related to #1583. If a schema does not support an arbitrarily deep JSON encoding, a stack overflow can still be induced via a malicious payload if the
protojson.UnmarshalOptions.DiscardUnknown
field is true. This is because the code to discard unknown fields is recursive. It should instead use iteration with a slice to model the stack of open objects and arrays, so it can safely discard JSON of arbitrary complexity.