feat(JOHNZON-397): allow to configure the scale limit for backward compatibility
diff --git a/johnzon-core/src/main/java/org/apache/johnzon/core/JsonNumberImpl.java b/johnzon-core/src/main/java/org/apache/johnzon/core/JsonNumberImpl.java
index 60fd4a8..8513a0e 100644
--- a/johnzon-core/src/main/java/org/apache/johnzon/core/JsonNumberImpl.java
+++ b/johnzon-core/src/main/java/org/apache/johnzon/core/JsonNumberImpl.java
@@ -26,6 +26,7 @@
final class JsonNumberImpl implements JsonNumber, Serializable {
private final BigDecimal value;
private transient Integer hashCode = null;
+ private static final int MAX_BIG_DECIMAL_SCALE = toInt(System.getProperty("johnzon.max-big-decimal-scale", "1000"));
JsonNumberImpl(final BigDecimal decimal) {
if (decimal == null) {
@@ -123,13 +124,17 @@
private void checkBigDecimalScale() {
// should be fine enough. Maybe we should externalize so users can pick something better if they need to
// it becomes their responsibility to fix the limit and may expose them to a DoS attack
- final int limit = 1_000;
+ final int limit = MAX_BIG_DECIMAL_SCALE;
final int absScale = Math.abs(value.scale());
if (absScale > limit) {
throw new ArithmeticException(String.format(
- "BigDecimal scale (%d) magnitude exceeds maximum allowed (%d)",
+ "BigDecimal scale (%d) limit exceeds maximum allowed (%d)",
value.scale(), limit));
}
}
+
+ private static Integer toInt(final Object v) {
+ return !Integer.class.isInstance(v) ? Integer.parseInt(v.toString()) : Integer.class.cast(v);
+ }
}