diff options
author | Arun Raghavan <arun@arunraghavan.net> | 2016-06-01 17:18:35 +0530 |
---|---|---|
committer | Arun Raghavan <arun@arunraghavan.net> | 2016-06-22 21:04:47 +0530 |
commit | 5b1bd849023bcbf495cdb91eef9552734efb9ca2 (patch) | |
tree | 74f118556ae726e51e2e73cc52aec4add2a67c97 /src/pulse | |
parent | 777a5091f613d1a2cf67248e33da3a8961ab9bbb (diff) |
json: Handle error cases while parsing numbers
Signed-off-by: Arun Raghavan <arun@arunraghavan.net>
Diffstat (limited to 'src/pulse')
-rw-r--r-- | src/pulse/json.c | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/src/pulse/json.c b/src/pulse/json.c index d77c7adcd..3c89a85e5 100644 --- a/src/pulse/json.c +++ b/src/pulse/json.c @@ -194,7 +194,7 @@ error: } static const char* parse_number(const char *str, pa_json_object *obj) { - bool negative = false, has_fraction = false, has_exponent = false; + bool negative = false, has_fraction = false, has_exponent = false, valid = false; unsigned int integer = 0; unsigned int fraction = 0; unsigned int fraction_digits = 0; @@ -206,11 +206,14 @@ static const char* parse_number(const char *str, pa_json_object *obj) { } if (*str == '0') { + valid = true; str++; goto fraction; } while (is_digit(*str)) { + valid = true; + if (integer > ((negative ? INT_MAX : UINT_MAX) / 10)) { pa_log("Integer overflow while parsing number"); goto error; @@ -221,11 +224,20 @@ static const char* parse_number(const char *str, pa_json_object *obj) { } fraction: + + if (!valid) { + pa_log("Missing digits while parsing number"); + goto error; + } + if (*str == '.') { has_fraction = true; str++; + valid = false; while (is_digit(*str)) { + valid = true; + if (fraction > (UINT_MAX / 10)) { pa_log("Integer overflow while parsing fractional part of number"); goto error; @@ -235,6 +247,11 @@ fraction: fraction_digits++; str++; } + + if (!valid) { + pa_log("No digit after '.' while parsing fraction"); + goto error; + } } if (*str == 'e' || *str == 'E') { @@ -242,6 +259,7 @@ fraction: has_exponent = true; str++; + valid = false; if (*str == '-') { exponent_negative = true; @@ -250,6 +268,8 @@ fraction: str++; while (is_digit(*str)) { + valid = true; + if (exponent > (INT_MAX / 10)) { pa_log("Integer overflow while parsing exponent part of number"); goto error; @@ -259,6 +279,11 @@ fraction: str++; } + if (!valid) { + pa_log("No digit in exponent while parsing fraction"); + goto error; + } + if (exponent_negative) exponent *= -1; } |