New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BIGINT handling is broken #223

Open
stevecoug opened this Issue Aug 23, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@stevecoug

stevecoug commented Aug 23, 2018

This is really two issues surrounding the library's handling of integers > 64-bit in the JWT::jsonDecode() method.

  1. The check to make sure we're not using the JSON_C extension is obsolete; that library fixed the issue years ago, so it's okay to use it for BIGINT parsing
  2. The regular expression is not very robust. For example, if given the following JSON string, it will break:
    { "username": "19180152::0518985564035248581be0f2a2a2c913", "test": 12345678901234567890 }
    It will actually add double quotes around a portion of the username string, like so:
    { "username": "19180152:: "0518985564035248581"be0f2a2a2c913", "test": 12345678901234567890 }
    This causes the resulting JSON string to fail to parse.

I considered various ways to fix the regular expression, but making it robust would be extremely difficult. I recommend just dropping support for BIGINT to String conversion for pre-5.4.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment