From c4eda3e58680528147a4cc7e2b3c9044f795c9c9 Mon Sep 17 00:00:00 2001
From: zhangskz
Date: Thu, 29 Jan 2026 14:31:08 -0500
Subject: [PATCH] Fix Any recursion depth bypass in Python json_format.ParseDict (#25239) (#25586)

This fixes a security vulnerability where nested google.protobuf.Any messages could bypass the max_recursion_depth limit, potentially leading to denial of service via stack overflow.

The root cause was that _ConvertAnyMessage() was calling itself recursively via methodcaller() for nested well-known types, bypassing the recursion depth tracking in ConvertMessage().

The fix routes well-known type parsing through ConvertMessage() to ensure proper recursion depth accounting for all message types including nested Any.

Fixes #25070
Closes #25239

COPYBARA_INTEGRATE_REVIEW=https://github.com/protocolbuffers/protobuf/pull/25239 from aviralgarg05:fix-any-recursion-depth-bypass 3cbbcbea142593d3afd2ceba2db14b05660f62f4
PiperOrigin-RevId: 862740421
Co-authored-by: Aviral Garg

CVE: CVE-2026-0994
Upstream-Status: Backport [https://github.com/protocolbuffers/protobuf/commit/c4eda3e58680528147a4cc7e2b3c9044f795c9c9]
Signed-off-by: Peter Marko
---
 google/protobuf/json_format.py | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/google/protobuf/json_format.py b/google/protobuf/json_format.py
index 1b6ce9d03..9acbaefb5 100644
--- a/google/protobuf/json_format.py
+++ b/google/protobuf/json_format.py
@@ -652,9 +652,11 @@ class _Parser(object):
 self._ConvertWrapperMessage(value['value'], sub_message, '{0}.value'.format(path))
 elif full_name in _WKTJSONMETHODS:
- methodcaller(_WKTJSONMETHODS[full_name][1], value['value'], sub_message, '{0}.value'.format(path))( self)
+ # For well-known types (including nested Any), use ConvertMessage
+ # to ensure recursion depth is properly tracked
+ self.ConvertMessage( value['value'], sub_message, '{0}.value'.format(path) )
 else:
 del value['@type']
 self._ConvertFieldValuePair(value, sub_message, path)
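Review bot: The fix relies on `ConvertMessage` performing the max_recursion_depth accounting, but that method is outside this hunk and the patch carries no regression test, so a backport onto a tree whose `ConvertMessage` lacks the depth check (or whose `_WKTJSONMETHODS` dispatch differs) would apply cleanly yet leave the denial-of-service unaddressed; a test that nests `google.protobuf.Any` values past `max_recursion_depth` and asserts `ParseError` from `ParseDict` would pin the behavior. The added comment could also state the mechanism rather than the intent, e.g. `# ConvertMessage enforces max_recursion_depth before dispatching to the` / `# _WKTJSONMETHODS handler; invoking the handler directly skipped that check.` The enclosing `_ConvertAnyMessage` method starts and ends outside the hunk, and the collapsed diff text has lost the `-`/`+` markers on the continuation lines, so the three removed and five added lines of the diffstat cannot be fully recovered here.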