-
Notifications
You must be signed in to change notification settings - Fork 434
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Get() key search can bleed through levels of JSON hierarchy #5
Comments
Good point, i have few ideas how to fix it, will keep you updated, thanks! |
Should be fixed now, for each next key it will limit scope to parent key object. |
Sorry to say, your patch only fixes the second failing assertion, but not the first (which I think is the more difficult one, sadly). |
I see what you mean, thank you for pointing. Yes, it is definitely a bit harder, will try to get it fixed. |
For what it's worth, my suggestion would be to use your parsing functions to more carefully step through the keys in an object. A (very) rough sketch:
Unfortunately this won't be nearly as efficient as bytes.Index, so perhaps there is a more efficient way. |
I found another case that breaks the current parser: key
|
Can you try this branch https://github.com/buger/jsonparser/tree/key-search, i rewrote how key search works. Thanks! |
(to test branch, create vendor folder and put jsonparser to vendor/github.com/buger/jsonparser, then checkout needed branch there) |
Thanks, I'll check it in a little while. I'll also make a PR with the tests above for your convenience. Thanks for tackling this! |
Your key-search branch passes the three cases identified in this issue (test cases added in #7). Thanks! |
Merged to master, thanks! |
I want to first thank you, @buger, for your work on this library. Looking up a few JSON key paths in large JSON blobs is a significant bottleneck in a project I'm working on, and your library could give us a big speedup without changing our data format.
Unfortunately, I've discovered an issue in Get(): when searching for a key, Get() may locate that key outside the current JSON object. Here is an example test case that breaks (written using check.v1):
The issue is that Get() uses bytes.Index() to find the next key it's looking for, but only validates it by checking that it is surrounded by double quotes and followed by a colon. In particular, it does not check whether it has crossed an unmatched sequence of braces, which would indicate transitioning into another JSON object level.
I don't have a great suggestion as to how to fix this, sadly. Best of luck.
The text was updated successfully, but these errors were encountered: