Support configurable limit on depth of JSON parsing

tests/regression/rule/15-json.t

@@ -156,5 +156,74 @@
 			),
 		),
 	),
+},
+{
+	type => "rule",
+	comment => "json parser - parsing depth not exceeded",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecDebugLog $ENV{DEBUG_LOG}
+		SecDebugLogLevel 9
+		SecRequestBodyJsonDepthLimit 5
+		SecRule REQUEST_HEADERS:Content-Type "application/json" \\
+		     "id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
+		SecRule REQBODY_ERROR "!\@eq 0" "id:'200442',phase:2,log,deny,status:403,msg:'Failed to parse request body'"
+	),
+	match_log => {
+		debug => [ qr/key/s, 1 ],
+	},
+	match_response => {
+		status => qr/^200$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/json",
+		],
+		normalize_raw_request_data(
+			q(
+				{
+					"key1":{"key2":{"key3":{"key4":{"key5":"thevalue"}}}}
+				}
+			),
+		),
+	),
+},
+{
+	type => "rule",
+	comment => "json parser - parsing depth exceeded",
+	conf => qq(
+		SecRuleEngine On
+		SecRequestBodyAccess On
+		SecDebugLog $ENV{DEBUG_LOG}
+                SecAuditEngine RelevantOnly
+                SecAuditLog "$ENV{AUDIT_LOG}"
+		SecDebugLogLevel 9
+		SecRequestBodyJsonDepthLimit 3
+		SecRule REQUEST_HEADERS:Content-Type "application/json" \\
+		     "id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON"
+		SecRule REQBODY_ERROR "!\@eq 0" "id:'200443',phase:2,log,deny,status:403,msg:'Failed to parse request body'"
+	),
+	match_log => {
+		audit => [ qr/JSON parsing error: JSON depth limit exceeded/s, 1 ],
+	},
+	match_response => {
+		status => qr/^403$/,
+	},
+	request => new HTTP::Request(
+		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
+		[
+			"Content-Type" => "application/json",
+		],
+		normalize_raw_request_data(
+			q(
+				{
+					"key1":{"key2":{"key3":{"key4":{"key5":"thevalue"}}}}
+				}
+			),
+		),
+	),
 }
 
+