From bda0540cb990b56fea7903f93e3829a02bf7b42e Mon Sep 17 00:00:00 2001
From: Andrea Faulds <ajf@ajf.me>
Date: Thu, 14 Nov 2013 21:13:32 +0000
Subject: Only allow lowercase literals in STRICT mode

---
 json_tokener.c    | 78 ++++++++++++++++++++++++++++++++-----------------------
 tests/Makefile.am |  5 +++-
 2 files changed, 50 insertions(+), 33 deletions(-)

diff --git a/json_tokener.c b/json_tokener.c
index a2a598b..7c59603 100644
--- a/json_tokener.c
+++ b/json_tokener.c
@@ -322,20 +322,26 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,
       goto redo_char;
 
     case json_tokener_state_null:
-      printbuf_memappend_fast(tok->pb, &c, 1);
-      if(strncasecmp(json_null_str, tok->pb->buf,
-		     json_min(tok->st_pos+1, (int)strlen(json_null_str))) == 0) {
-	if(tok->st_pos == (int)strlen(json_null_str)) {
-	  current = NULL;
-	  saved_state = json_tokener_state_finish;
-	  state = json_tokener_state_eatws;
-	  goto redo_char;
+      {
+	int size;
+	printbuf_memappend_fast(tok->pb, &c, 1);
+	size = json_min(tok->st_pos+1, (int)strlen(json_null_str));
+	if((!(tok->flags & JSON_TOKENER_STRICT) &&
+	  strncasecmp(json_null_str, tok->pb->buf, size) == 0)
+	  || (strncmp(json_null_str, tok->pb->buf, size) == 0)
+	  ) {
+	  if(tok->st_pos == (int)strlen(json_null_str)) {
+	    current = NULL;
+	    saved_state = json_tokener_state_finish;
+	    state = json_tokener_state_eatws;
+	    goto redo_char;
+	  }
+	} else {
+	  tok->err = json_tokener_error_parse_null;
+	  goto out;
 	}
-      } else {
-	tok->err = json_tokener_error_parse_null;
-	goto out;
+	tok->st_pos++;
       }
-      tok->st_pos++;
       break;
 
     case json_tokener_state_comment_start:
@@ -548,28 +554,36 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,
       break;
 
     case json_tokener_state_boolean:
-      printbuf_memappend_fast(tok->pb, &c, 1);
-      if(strncasecmp(json_true_str, tok->pb->buf,
-		     json_min(tok->st_pos+1, (int)strlen(json_true_str))) == 0) {
-	if(tok->st_pos == (int)strlen(json_true_str)) {
-	  current = json_object_new_boolean(1);
-	  saved_state = json_tokener_state_finish;
-	  state = json_tokener_state_eatws;
-	  goto redo_char;
-	}
-      } else if(strncasecmp(json_false_str, tok->pb->buf,
-			    json_min(tok->st_pos+1, (int)strlen(json_false_str))) == 0) {
-	if(tok->st_pos == (int)strlen(json_false_str)) {
-	  current = json_object_new_boolean(0);
-	  saved_state = json_tokener_state_finish;
-	  state = json_tokener_state_eatws;
-	  goto redo_char;
+      {
+	int size1, size2;
+	printbuf_memappend_fast(tok->pb, &c, 1);
+	size1 = json_min(tok->st_pos+1, (int)strlen(json_true_str));
+	size2 = json_min(tok->st_pos+1, (int)strlen(json_false_str));
+	if((!(tok->flags & JSON_TOKENER_STRICT) &&
+	  strncasecmp(json_true_str, tok->pb->buf, size1) == 0)
+	  || (strncmp(json_true_str, tok->pb->buf, size1) == 0)
+	  ) {
+	  if(tok->st_pos == (int)strlen(json_true_str)) {
+	    current = json_object_new_boolean(1);
+	    saved_state = json_tokener_state_finish;
+	    state = json_tokener_state_eatws;
+	    goto redo_char;
+	  }
+	} else if((!(tok->flags & JSON_TOKENER_STRICT) &&
+	  strncasecmp(json_false_str, tok->pb->buf, size2) == 0)
+	  || (strncmp(json_false_str, tok->pb->buf, size2) == 0)) {
+	  if(tok->st_pos == (int)strlen(json_false_str)) {
+	    current = json_object_new_boolean(0);
+	    saved_state = json_tokener_state_finish;
+	    state = json_tokener_state_eatws;
+	    goto redo_char;
+	  }
+	} else {
+	  tok->err = json_tokener_error_parse_boolean;
+	  goto out;
 	}
-      } else {
-	tok->err = json_tokener_error_parse_boolean;
-	goto out;
+	tok->st_pos++;
       }
-      tok->st_pos++;
       break;
 
     case json_tokener_state_number:
diff --git a/tests/Makefile.am b/tests/Makefile.am
index c6123ed..4fb3cb8 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -12,6 +12,7 @@ check_PROGRAMS += test_null
 check_PROGRAMS += test_cast
 check_PROGRAMS += test_parse
 check_PROGRAMS += test_locale
+check_PROGRAMS += test_case
 
 test1_LDADD = $(LIBJSON_LA)
 
@@ -39,7 +40,9 @@ test_parse_LDADD = $(LIBJSON_LA)
 
 test_locale_LDADD = $(LIBJSON_LA)
 
-TESTS = test1.test test2.test test4.test testReplaceExisting.test parse_int64.test test_null.test test_cast.test test_parse.test test_locale.test
+test_case_LDADD = $(LIBJSON_LA)
+
+TESTS = test1.test test2.test test4.test testReplaceExisting.test parse_int64.test test_null.test test_cast.test test_parse.test test_locale.test test_case.test
 
 TESTS+= test_printbuf.test
 check_PROGRAMS+=test_printbuf
-- 
cgit v1.2.3