summaryrefslogtreecommitdiff
path: root/src/pulse
diff options
context:
space:
mode:
authorArun Raghavan <arun@arunraghavan.net>2016-06-01 17:18:35 +0530
committerArun Raghavan <arun@arunraghavan.net>2016-06-22 21:04:47 +0530
commit5b1bd849023bcbf495cdb91eef9552734efb9ca2 (patch)
tree74f118556ae726e51e2e73cc52aec4add2a67c97 /src/pulse
parent777a5091f613d1a2cf67248e33da3a8961ab9bbb (diff)
json: Handle error cases while parsing numbers
Signed-off-by: Arun Raghavan <arun@arunraghavan.net>
Diffstat (limited to 'src/pulse')
-rw-r--r--src/pulse/json.c27
1 files changed, 26 insertions, 1 deletions
diff --git a/src/pulse/json.c b/src/pulse/json.c
index d77c7adcd..3c89a85e5 100644
--- a/src/pulse/json.c
+++ b/src/pulse/json.c
@@ -194,7 +194,7 @@ error:
}
static const char* parse_number(const char *str, pa_json_object *obj) {
- bool negative = false, has_fraction = false, has_exponent = false;
+ bool negative = false, has_fraction = false, has_exponent = false, valid = false;
unsigned int integer = 0;
unsigned int fraction = 0;
unsigned int fraction_digits = 0;
@@ -206,11 +206,14 @@ static const char* parse_number(const char *str, pa_json_object *obj) {
}
if (*str == '0') {
+ valid = true;
str++;
goto fraction;
}
while (is_digit(*str)) {
+ valid = true;
+
if (integer > ((negative ? INT_MAX : UINT_MAX) / 10)) {
pa_log("Integer overflow while parsing number");
goto error;
@@ -221,11 +224,20 @@ static const char* parse_number(const char *str, pa_json_object *obj) {
}
fraction:
+
+ if (!valid) {
+ pa_log("Missing digits while parsing number");
+ goto error;
+ }
+
if (*str == '.') {
has_fraction = true;
str++;
+ valid = false;
while (is_digit(*str)) {
+ valid = true;
+
if (fraction > (UINT_MAX / 10)) {
pa_log("Integer overflow while parsing fractional part of number");
goto error;
@@ -235,6 +247,11 @@ fraction:
fraction_digits++;
str++;
}
+
+ if (!valid) {
+ pa_log("No digit after '.' while parsing fraction");
+ goto error;
+ }
}
if (*str == 'e' || *str == 'E') {
@@ -242,6 +259,7 @@ fraction:
has_exponent = true;
str++;
+ valid = false;
if (*str == '-') {
exponent_negative = true;
@@ -250,6 +268,8 @@ fraction:
str++;
while (is_digit(*str)) {
+ valid = true;
+
if (exponent > (INT_MAX / 10)) {
pa_log("Integer overflow while parsing exponent part of number");
goto error;
@@ -259,6 +279,11 @@ fraction:
str++;
}
+ if (!valid) {
+ pa_log("No digit in exponent while parsing fraction");
+ goto error;
+ }
+
if (exponent_negative)
exponent *= -1;
}