diff options
| author | Arun Raghavan <arun@arunraghavan.net> | 2016-06-01 17:18:35 +0530 |
|---|---|---|
| committer | Arun Raghavan <arun@arunraghavan.net> | 2016-06-22 21:04:47 +0530 |
| commit | 5b1bd849023bcbf495cdb91eef9552734efb9ca2 (patch) | |
| tree | 74f118556ae726e51e2e73cc52aec4add2a67c97 /src | |
| parent | 777a5091f613d1a2cf67248e33da3a8961ab9bbb (diff) | |
json: Handle error cases while parsing numbers
Signed-off-by: Arun Raghavan <arun@arunraghavan.net>
Diffstat (limited to 'src')
| -rw-r--r-- | src/pulse/json.c | 27 | ||||
| -rw-r--r-- | src/tests/json-test.c | 4 |
2 files changed, 30 insertions, 1 deletions
diff --git a/src/pulse/json.c b/src/pulse/json.c index d77c7adcd..3c89a85e5 100644 --- a/src/pulse/json.c +++ b/src/pulse/json.c @@ -194,7 +194,7 @@ error: } static const char* parse_number(const char *str, pa_json_object *obj) { - bool negative = false, has_fraction = false, has_exponent = false; + bool negative = false, has_fraction = false, has_exponent = false, valid = false; unsigned int integer = 0; unsigned int fraction = 0; unsigned int fraction_digits = 0; @@ -206,11 +206,14 @@ static const char* parse_number(const char *str, pa_json_object *obj) { } if (*str == '0') { + valid = true; str++; goto fraction; } while (is_digit(*str)) { + valid = true; + if (integer > ((negative ? INT_MAX : UINT_MAX) / 10)) { pa_log("Integer overflow while parsing number"); goto error; @@ -221,11 +224,20 @@ static const char* parse_number(const char *str, pa_json_object *obj) { } fraction: + + if (!valid) { + pa_log("Missing digits while parsing number"); + goto error; + } + if (*str == '.') { has_fraction = true; str++; + valid = false; while (is_digit(*str)) { + valid = true; + if (fraction > (UINT_MAX / 10)) { pa_log("Integer overflow while parsing fractional part of number"); goto error; @@ -235,6 +247,11 @@ fraction: fraction_digits++; str++; } + + if (!valid) { + pa_log("No digit after '.' while parsing fraction"); + goto error; + } } if (*str == 'e' || *str == 'E') { @@ -242,6 +259,7 @@ fraction: has_exponent = true; str++; + valid = false; if (*str == '-') { exponent_negative = true; @@ -250,6 +268,8 @@ fraction: str++; while (is_digit(*str)) { + valid = true; + if (exponent > (INT_MAX / 10)) { pa_log("Integer overflow while parsing exponent part of number"); goto error; @@ -259,6 +279,11 @@ fraction: str++; } + if (!valid) { + pa_log("No digit in exponent while parsing fraction"); + goto error; + } + if (exponent_negative) exponent *= -1; } diff --git a/src/tests/json-test.c b/src/tests/json-test.c index a5f1f74cc..ca92877c0 100644 --- a/src/tests/json-test.c +++ b/src/tests/json-test.c @@ -223,6 +223,10 @@ START_TEST(bad_test) { "123456789012345678901234567890" /* Overflow */, "0.123456789012345678901234567890" /* Overflow */, "1e123456789012345678901234567890" /* Overflow */, + "1e" /* Bad number string */, + "1." /* Bad number string */, + "1.e3" /* Bad number string */, + "-" /* Bad number string */, }; for (i = 0; i < PA_ELEMENTSOF(bad_parse); i++) { |