Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.15.0 com.fasterxml.jackson.databind.JsonMappingException: String length (5046272) exceeds the maximum length (5000000) #1001

Closed
mail4csm opened this issue Apr 28, 2023 · 4 comments
Closed

2.15.0 com.fasterxml.jackson.databind.JsonMappingException: String length (5046272) exceeds the maximum length (5000000) #1001

mail4csm opened this issue Apr 28, 2023 · 4 comments

Comments

@mail4csm
Copy link

On very big json (~20MB), convertion (serialization) string to object is not possible, error is thrown:
com.fasterxml.jackson.databind.JsonMappingException: String length (5046272) exceeds the maximum length (5000000) ..
Conversion works on version: 2.14.2
Conversion does not work on version: 2.15.0
@pjfanning
Copy link
Member

pjfanning commented Apr 28, 2023
edited

This is one the main features of the Jackson 2.15 release - an attempt to have Jackson fail if malicious input is provided.

Most users do not use such large text entries in their JSON.

You can increase the limits by creating a StreamReadConstraints instance and configuring your ObjectMapper with it.

You can increase the string limit from 5 million to 10 million like this:

objectMapper.getFactory()
		.setStreamReadConstraints(StreamReadConstraints.builder().maxStringLength(10_000_000).build())

Or

JsonFactory jsonFactory = JsonFactory.builder()
  .streamReadConstraints(StreamReadConstraints.builder().maxStringLength(10_000_000)
  .build();

ObjectMapper objectMapper = JsonMapper.builder(jsonFactory).build();

@mail4csm
Copy link
Author

perfect

@pjfanning pjfanning mentioned this issue Apr 28, 2023
Closed
@ylwu-amzn ylwu-amzn mentioned this issue Apr 28, 2023
Merged
6 tasks
MikAoJk added a commit to navikt/pale-2-sak that referenced this issue May 2, 2023
@MikAoJk
increase the string limit from 5 million to 10 million
cc463eb 
ref: FasterXML/jackson-core#1001 (comment)
@reta reta mentioned this issue May 12, 2023
Closed
@ylwu-amzn ylwu-amzn mentioned this issue May 12, 2023
Closed
@dz-commercetools dz-commercetools mentioned this issue Jun 23, 2023
Merged
@Netyyyy Netyyyy mentioned this issue Jun 25, 2023
Closed
@hobbs131 hobbs131 mentioned this issue Oct 19, 2023
Closed
@denizk
Copy link

denizk commented Jan 30, 2024

Just came across this ticket after upgrading to 2.16.1.

I've tried the method to override the default StreamReadConstraints._maxNameLen value of 50_000 with

objectMapper.factory.setStreamReadConstraints(StreamReadConstraints.builder().maxNameLength(100_000).build())

However, this does not adjust the StreamReadConstraints used in

JsonFactory._rootCharSymbols = CharsToNameCanonicalizer.createRoot(this);

which are initialised at JsonFactory construction time, so will end up with the defaults and inherit it to children used in JsonParsers when calling this._rootCharSymbols.makeChild()

So, best to use the 2nd approach mentioned by @pjfanning in #1001 (comment)

@cowtowncoder
Copy link
Member

@denizk Ok thank you for bringing this up. It is unfortunate. I will file an issue for this problem.

Second method would be preferred in general, but both should work.

@cowtowncoder cowtowncoder mentioned this issue Jan 31, 2024
Closed
ehumber added a commit to confluentinc/kafka-rest that referenced this issue Jun 5, 2024
@ehumber
KNET-15501 work around jackson databind string length limit
6388a37 
Implement the change from FasterXML/jackson-core#1001 (comment)

I'm using maxint for the value, as we do length checks of the stream elsewhere, and this seems safest to avoid a regression (see the code comment for more details)
ehumber added a commit to confluentinc/kafka-rest that referenced this issue Jun 5, 2024
@ehumber
KNET-15501 work around jackson databind string length limit
7d6dea5 
Implement the change from FasterXML/jackson-core#1001 (comment)

I'm using maxint for the value, as we do length checks of the stream elsewhere, and this seems safest to avoid a regression (see the code comment for more details)
@ehumber ehumber mentioned this issue Jun 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@cowtowncoder @denizk @pjfanning @mail4csm