[ovs-dev] [PATCH] json: Fix parsing of strings that end with a backslash.

Alex Wang alexw at nicira.com
Wed Jun 25 18:05:56 UTC 2014


Looks good to me,

Acked-by: Alex Wang <alexw at nicira.com>

Thx,


On Tue, Jun 24, 2014 at 5:06 PM, Ben Pfaff <blp at nicira.com> wrote:

> json_string_unescape() flagged a backslash at the end of a string as an
> error, but of course "\\" is a valid string.  This fixes the problem.
>
> VMware-BZ: #1275208
> Reported-by: Michael Hu <mhu at nicira.com>
> Signed-off-by: Ben Pfaff <blp at nicira.com>
> ---
>  lib/json.c    |   14 +++++++++-----
>  tests/json.at |    7 +++++++
>  2 files changed, 16 insertions(+), 5 deletions(-)
>
> diff --git a/lib/json.c b/lib/json.c
> index 58b248a..167c40c 100644
> --- a/lib/json.c
> +++ b/lib/json.c
> @@ -1,5 +1,5 @@
>  /*
> - * Copyright (c) 2009, 2010, 2011, 2012 Nicira, Inc.
> + * Copyright (c) 2009, 2010, 2011, 2012, 2014 Nicira, Inc.
>   *
>   * Licensed under the Apache License, Version 2.0 (the "License");
>   * you may not use this file except in compliance with the License.
> @@ -812,10 +812,6 @@ json_string_unescape(const char *in, size_t in_len,
> char **outp)
>
>      ds_init(&out);
>      ds_reserve(&out, in_len);
> -    if (in_len > 0 && in[in_len - 1] == '\\') {
> -        ds_put_cstr(&out, "quoted string may not end with backslash");
> -        goto exit;
> -    }
>      while (in < end) {
>          if (*in == '"') {
>              ds_clear(&out);
> @@ -828,6 +824,14 @@ json_string_unescape(const char *in, size_t in_len,
> char **outp)
>          }
>
>          in++;
> +        if (in >= end) {
> +            /* The JSON parser will never trigger this message, because
> its
> +             * lexer will never pass in a string that ends in a single
> +             * backslash, but json_string_unescape() has other callers
> that
> +             * are not as careful.*/
> +            ds_put_cstr(&out, "quoted string may not end with backslash");
> +            goto exit;
> +        }
>          switch (*in++) {
>          case '"': case '\\': case '/':
>              ds_put_char(&out, in[-1]);
> diff --git a/tests/json.at b/tests/json.at
> index 86ae5fa..8846ac9 100644
> --- a/tests/json.at
> +++ b/tests/json.at
> @@ -120,6 +120,13 @@ JSON_CHECK_NEGATIVE([surrogatess must paired
> properly],
>  JSON_CHECK_NEGATIVE([null bytes not allowed],
>                      [[["\u0000"]]],
>                      [error: null bytes not supported in quoted strings])
> +dnl Check for regression against a prior bug.
> +JSON_CHECK_POSITIVE([properly quoted backslash at end of string],
> +  [[["\\"]]],
> +  [[["\\"]]])
> +JSON_CHECK_NEGATIVE([stray backslash at end of string],
> +  [[["abcd\"]]],
> +  [error: unexpected end of input in quoted string])
>
>  AT_SETUP([end of input in quoted string - C])
>  AT_KEYWORDS([json negative])
> --
> 1.7.10.4
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev
>



More information about the dev mailing list