Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(parse): reject numeric strings with non-numbers #2729

Merged
merged 2 commits into from
Sep 2, 2021
Merged

fix(parse): reject numeric strings with non-numbers #2729

merged 2 commits into from
Sep 2, 2021

Conversation

JordonPhillips
Copy link
Member

@JordonPhillips JordonPhillips commented Aug 30, 2021
edited

Issue

N/A

Description

This updates the number parsing utilities to reject strings like "1A", which parseFloat would ordinarily happily accept as the value 1. It also updates it to reject the wide swath of alternative number formats that JS numbers can have.

Testing

Additional unit tests were added.

Additional context

Add any other context about the PR here.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@codecov-commenter
Copy link

codecov-commenter commented Aug 30, 2021
edited

Codecov Report

❗ No coverage uploaded for pull request base (main@05a7701). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #2729   +/-   ##
=======================================
  Coverage        ?   61.40%           
=======================================
  Files           ?      539           
  Lines           ?    27513           
  Branches        ?     6718           
=======================================
  Hits            ?    16893           
  Misses          ?    10620           
  Partials        ?        0

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 05a7701...98d43f9. Read the comment docs.

@JordonPhillips JordonPhillips force-pushed the trailing-letters branch 2 times, most recently from 06e15fd to 1fee7ae Compare September 1, 2021 15:49
@JordonPhillips
fix(parse): reject numeric strings with non-numbers
55bdaaa 
This updates the number parsing utilities to reject strings like
"1A", which `parseFloat` would ordinarily happily accept as the
value `1`.
adamthom-amzn
adamthom-amzn approved these changes Sep 1, 2021
View reviewed changes
packages/smithy-client/src/parse-utils.ts Outdated Show resolved Hide resolved
packages/smithy-client/src/parse-utils.ts

const parseNumber = (value: string): number => {
const matches = value.match(NUMBER_REGEX);
if (matches === null || matches[0].length !== value.length) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you anchor the regex so you can just use RegExp.test and not have to check the length of the match?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hahaha your faith in js is heartwarming, no it'll match partials anyway

AllanZhengYP
AllanZhengYP approved these changes Sep 1, 2021
View reviewed changes
packages/smithy-client/src/parse-utils.ts
// * Exponent indicated by a case-insensitive 'E' optionally followed by a
// positive/negative sign and some number of digits.
// It also matches both positive and negative infinity as well and explicit NaN.
const NUMBER_REGEX = /(-?(?:0|[1-9]\d*)(?:\.\d+)?(?:[eE][+-]?\d+)?)|(-?Infinity)|(NaN)/g;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nit: Is this too strict? parseFloat() handles strings leading with "0" just fine.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be overkill at this point (I think the concern was stuff like this) but we can always loosen this later. It's much more difficult to tighten it.

@JordonPhillips JordonPhillips merged commit afeccd7 into aws:main Sep 2, 2021
@JordonPhillips JordonPhillips mentioned this pull request Sep 3, 2021
Merged
@github-actions
Copy link

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 17, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@adamthom-amzn adamthom-amzn adamthom-amzn approved these changes

@AllanZhengYP AllanZhengYP AllanZhengYP approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@JordonPhillips @codecov-commenter @AllanZhengYP @adamthom-amzn