Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SafeJSON.JSONParse mangles number inside of string literal #145

Closed
ian-eulith opened this issue Nov 6, 2023 · 2 comments · Fixed by #155
Closed

SafeJSON.JSONParse mangles number inside of string literal #145

ian-eulith opened this issue Nov 6, 2023 · 2 comments · Fixed by #155
Assignees
@ganchoradkov

Comments

@ian-eulith
Copy link

We hit this bug while trying to use WalletConnect with Dodo.

Test case:

it("should handle number inside string literal", () => {
  const nested = '{"params":{"proposer":{"metadata":{"description":"Trade Any Token on DODOEX. Swap ETH to WETH at 0.99852536006139370845107244063040676283327993685155310925333096461126073315184832, 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE, 0x82aF49447D8a07e3bd95BD0d56f35241523fBab1"}}}}';
  const result = safeJsonParse(nested);
  chai.expect(result).to.deep.eq(JSON.parse(nested));
});

The problem is that safe-json uses a regex to parse big numbers, but this regex does not respect the structure of JSON objects.

It would also be good if the library didn't swallow the error as this causes problems higher-up which are difficult to diagnose.
@ian-eulith
Copy link
Author

More minimal test case:

it("should handle number inside string literal", () => {
  const nested = '{"x":"12345678901234567,"}';
  const result = safeJsonParse(nested);
  chai.expect(result).to.deep.eq(JSON.parse(nested));
});

@ganchoradkov ganchoradkov self-assigned this Nov 7, 2023
@ian-eulith ian-eulith mentioned this issue Nov 7, 2023
Closed
@arein
Copy link
Member

arein commented Nov 20, 2023

Welcome to submit a pull request with an improvement - will flag this to the team

@ganchoradkov ganchoradkov linked a pull request Dec 8, 2023 that will close this issue
fix: safe json parse #155
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ganchoradkov ganchoradkov

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: safe json parse WalletConnect/walletconnect-utils
3 participants
@arein @ganchoradkov @ian-eulith