Stack Exhaustion In Tensorflow Serving
Description
Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- (no CPE) range: <=2.18.0
- (no CPE) range: 0
Vulnerability mechanics
Root cause
"Missing recursion/size limit in JSON stringification allows unbounded stack recursion on deeply nested JSON input."
Attack vector
An attacker sends a crafted JSON request to a TensorFlow Serving endpoint with deeply nested objects or arrays. When the server attempts to stringify the JSON value for error reporting or debugging (e.g., via `TypeError`, `Base64FormatError`, or `FormatError`), the original `JsonValueToString()` function recursively traverses the entire nested structure without a depth or size limit. This unbounded recursion can exhaust the call stack, causing the server process to crash (denial of service). No authentication is required if the serving endpoint is exposed [ref_id=1].
Affected code
The vulnerability resides in `tensorflow_serving/util/json_tensor.cc`. The original `JsonValueToString()` function (line ~169) called `val.Accept(writer)` on the raw `rapidjson::Value` without any size limit, allowing deeply nested JSON structures to cause unbounded recursion. The patch replaces this with `JsonValueToDebugString()` which uses a new `JsonWriterWithLimit` class that caps output at `kMaxJsonDebugStringBytes` (256 bytes). Additionally, `ParseJson()` was changed from recursive parsing to iterative parsing via `rapidjson::kParseIterativeFlag` [ref_id=1].
What the fix does
The patch introduces two defenses. First, a new `JsonWriterWithLimit` class wraps the rapidjson writer and checks `buffer_->GetSize() < max_bytes_` before writing any token, truncating output at 256 bytes to prevent deep recursion during stringification. Second, the `ParseJson()` function now uses `rapidjson::kParseIterativeFlag` instead of the default recursive parser, preventing stack overflow during the initial JSON parse of deeply nested input. The old `JsonValueToString()` is renamed to `JsonValueToDebugString()` and all call sites are updated [ref_id=1].
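A complementary guard that can sit in front of the parser, shown as an added example (it is not TensorFlow Serving's code and not part of the patch): it rejects request bodies whose nesting exceeds a limit, using a counter rather than recursion. The function name, the limit of 64 and the sample bodies are assumptions made for illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Added example: iterative pre-parse guard, not TensorFlow Serving code.
// Returns true when the nesting of '{' / '[' in `body` never exceeds
// `max_depth`. A counter replaces recursion, so the check itself cannot
// exhaust the stack however deeply the input is nested.
bool JsonDepthWithinLimit(const std::string& body, std::size_t max_depth) {
  std::size_t depth = 0;
  bool in_string = false;
  bool escaped = false;
  for (char c : body) {
    if (in_string) {
      // Brackets inside string literals are data, not structure.
      if (escaped) escaped = false;
      else if (c == '\\') escaped = true;
      else if (c == '"') in_string = false;
      continue;
    }
    switch (c) {
      case '"':
        in_string = true;
        break;
      case '{':
      case '[':
        if (++depth > max_depth) return false;  // reject before parsing
        break;
      case '}':
      case ']':
        if (depth > 0) --depth;  // malformed input is left to the parser
        break;
    }
  }
  return true;
}

int main() {
  const std::size_t kMaxDepth = 64;  // assumed limit, tune per model input
  // Constructed sample bodies, not captured traffic.
  const std::string shallow = "{\"instances\": [[1, 2], [3, 4]]}";
  const std::string quoted = "{\"note\": \"[[[[ not structure ]]]]\"}";
  std::cout << JsonDepthWithinLimit(shallow, kMaxDepth) << "\n";
  std::cout << JsonDepthWithinLimit(quoted, 1) << "\n";
  return 0;
}
```

The guard only bounds nesting; it does not validate the JSON, so the body still goes through the normal parser afterwards.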
Preconditions
- network: The TensorFlow Serving endpoint must be reachable by the attacker (network access).
- input: The attacker must be able to send a POST request with a deeply nested JSON payload to a serving endpoint that triggers error-reporting code paths.
Generated on Jun 11, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References