Age | Commit message | Author | Files | Lines |
|
Tightening the number parsing algorithm
|
|
Some badly formatted "numbers" could get partly parsed,
resulting in truncated results instead of raising an
error.
Examples:
'1.2.3' -> (double)1.2
'2015-01-15' -> (int)2015
This patch is not perfect (ex: input can still end with a 'E', which
is forbidden by json.org doc) but should avoid nonsensically
formatted input.
Tests added.
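The truncation described in this commit message, reproduced with the C standard library's strtod() and strtoll() rather than json-c's own tokener. This is an added example, not json-c code; all four function names are hypothetical. The strict variants accept a conversion only when the end pointer has reached the end of the input.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Lenient: return whatever numeric prefix was converted, ignore the rest. */
double parse_lenient_double(const char *s) { return strtod(s, NULL); }
long long parse_lenient_int(const char *s) { return strtoll(s, NULL, 10); }

/* Strict: 0 on success; -1 if nothing was converted, bytes remain
 * after the number, or the value is out of range. */
int parse_strict_double(const char *s, double *out)
{
    char *end;
    errno = 0;
    double v = strtod(s, &end);
    if (end == s || *end != '\0' || errno == ERANGE)
        return -1;
    *out = v;
    return 0;
}

int parse_strict_int(const char *s, long long *out)
{
    char *end;
    errno = 0;
    long long v = strtoll(s, &end, 10);
    if (end == s || *end != '\0' || errno == ERANGE)
        return -1;
    *out = v;
    return 0;
}

int main(void)
{
    /* The first two inputs are the ones quoted in the commit message. */
    const char *samples[] = { "1.2.3", "2015-01-15", "1.2", "2015" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        double d;
        long long n;
        printf("%-12s lenient=%g/%lld strict_double=%s strict_int=%s\n",
               samples[i], parse_lenient_double(samples[i]),
               parse_lenient_int(samples[i]),
               parse_strict_double(samples[i], &d) == 0 ? "ok" : "reject",
               parse_strict_int(samples[i], &n) == 0 ? "ok" : "reject");
    }
    return 0;
}
```

The end-pointer check only catches trailing bytes: strtod() also accepts leading whitespace, hexadecimal and "inf"/"nan", none of which the JSON grammar allows, so a JSON parser still has to validate the characters itself.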
|
|
else in bits.h deprecated.
Eliminate all uses of bits.h within the json-c code.
|
|
* CVE-2013-6371: hash collision denial of service
* CVE-2013-6370: buffer overflow if size_t is larger than int
|
|
while, and json_tokener_error_desc() should be used instead.
|
|
Only allow lowercase literals in STRICT mode
|
|
json_tokener_error_desc().
|
|
string representation of a double to be specified when creating the object and use it in json_tokener_parse_ex() so a re-serialized object more exactly matches the input.
Add json_object_free_userdata() and json_object_userdata_to_json_string() too.
|
|
Remove redefinition of strndup() which is no longer used in the codebase
|
|
more strictness
|
|
Found by Coverity. The number of elements of an array 'ar' is found by
sizeof(ar)/sizeof(ar[0]) and not sizeof(ar)
const char *json_tokener_error_desc(enum json_tokener_error jerr)
{
  int jerr_int = (int)jerr;
1. Condition "jerr_int < 0", taking false branch
2. Condition "jerr_int > 112 /* (int)sizeof (gdal_json_tokener_errors) */", taking false branch
  if (jerr_int < 0 || jerr_int > (int)sizeof(json_tokener_errors))
    return "Unknown error, invalid json_tokener_error value passed to json_tokener_error_desc()";
CID 1076806 (#1 of 1): Out-of-bounds read (OVERRUN)
3. overrun-local: Overrunning array "gdal_json_tokener_errors" of 14 8-byte elements at element index 112 (byte offset 896) using index "jerr" (which evaluates to 112).
  return json_tokener_errors[jerr];
}
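The check Coverity flags above, next to a bounded lookup. This is an added example, not json-c's code: the `errors` table, the ARRAY_LEN macro and both function names are hypothetical stand-ins. The bounded version also compares with `>=`, because the largest valid index is one less than the element count.

```c
#include <stddef.h>
#include <stdio.h>

#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical stand-in for a table of error strings. */
static const char *const errors[] = {
    "success", "continue", "nesting too deep", "unexpected end of data"
};
static const char unknown[] = "unknown error";

/* Mirrors the flagged condition: the index is compared with the table's
 * size in bytes. Returns 1 if the index would pass the check. It never
 * reads the table, so it is safe to call with any value. */
int flawed_check_accepts(int idx)
{
    return !(idx < 0 || idx > (int)sizeof(errors));
}

/* Bounded lookup: compare against the element count, and reject
 * idx == count as well. */
const char *error_desc(int idx)
{
    if (idx < 0 || (size_t)idx >= ARRAY_LEN(errors))
        return unknown;
    return errors[idx];
}

int main(void)
{
    /* Walk from -1 to the byte size of the table to show which
     * out-of-range indices the flawed condition lets through. */
    for (int idx = -1; idx <= (int)sizeof(errors); idx++) {
        int in_range = idx >= 0 && (size_t)idx < ARRAY_LEN(errors);
        printf("idx=%2d in_range=%d flawed_accepts=%d desc=%s\n",
               idx, in_range, flawed_check_accepts(idx), error_desc(idx));
    }
    return 0;
}
```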
|
|
the end of arrays and objects.
|
|
We forget to check or use the return value of the ADVANCE_CHAR macro,
and upon compilation an error is thrown because of its lack of use. This
patch checks to see if the macro was successful, and if not replaces the
offending character with a replacement.
|
|
While parsing token data, we use the POP_CHAR macro to 'peek' at
character data. This behaviour is noted in the comments for the macro,
yet the definition is left as 'pop'. Changing to PEEK_CHAR does not
imply that the character being observed is removed.
|
|
Conflicts:
json_util.c
|
|
Make maximum recursion depth a runtime option
|
|
fix json_tokener_parse() to work properly with embedded unicode \u0000 values in strings.
Adjust test_null to check for this case.
See also http://bugs.debian.org/687269
|
|
f, not a literal formfeed) and extend the test_parse test to check all valid escape sequences.
|
|
with #define HAVE_X where #define HAVE_X 1|0 is meant.
|
|
multiple objects. Now, json_tokener_reset() does not need to be called after a valid object is parsed.
|
|
json_tokener_parse to use that instead of json_tokener_parse_ex.
Fix a typo in the string representations of the json_tokener_error_depth error (s/to deep/too deep/)
|
|
encapsulate the process of retrieving errors while parsing.
Add documentation for the json_tokener_parse_ex() function.
|
|
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@62 327403b1-1117-474d-bef2-5cb71233fd97
|
|
omit the range check during parsing since we already have the checks when
accessing the value. There is no longer a json_type_int64, only json_type_int.
Fix some problems with parsing 0 and -0 values, and add a couple of tests.
Fix some minor compile issues on HPUX environments.
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@60 327403b1-1117-474d-bef2-5cb71233fd97
|
|
json_object_get_int64. Binary compatibility preserved.
Eric Haszlakiewicz, EHASZLA at transunion com
Rui Miguel Silva Seabra, rms at 1407 dot org
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@56 327403b1-1117-474d-bef2-5cb71233fd97
|
|
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@53 327403b1-1117-474d-bef2-5cb71233fd97
|
|
Ian Atha, thatha at yahoo-inc dot com
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@43 327403b1-1117-474d-bef2-5cb71233fd97
|
|
Eric Haszlakiewicz, EHASZLA at transunion dot com
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@42 327403b1-1117-474d-bef2-5cb71233fd97
|
|
Fix any noticeable spelling or grammar errors.
Make sure every va_start has a va_end.
Check all pointers for validity.
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@41 327403b1-1117-474d-bef2-5cb71233fd97
|
|
-- Brent Miller, bdmiller at yahoo dash inc dot com
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@34 327403b1-1117-474d-bef2-5cb71233fd97
|
|
* Add casts from void* to type of assignment when using malloc
* Add #ifdef __cplusplus guards to all of the headers
* Add typedefs for json_object, json_tokener, array_list, printbuf, lh_table
Michael Clark, <michael@metaparadigm.com>
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@33 327403b1-1117-474d-bef2-5cb71233fd97
|
|
to not return TRUE for zero length string. Remove redundant includes.
Erik Hovland, erik at hovland dot org
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@31 327403b1-1117-474d-bef2-5cb71233fd97
|