Skip to content

Commit

Permalink
Merge pull request #54 from tdakkota/fix/validate-tag-utf8
Browse files Browse the repository at this point in the history 
fix: validate UTF-8 inside tag during parsing
  • Loading branch information
@tdakkota
tdakkota committed Apr 13, 2023
2 parents 01c0d21 + 92f6fe7 commit efa05be
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 5 deletions.
4 changes: 1 addition & 3 deletions decode.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,9 +112,7 @@ func (p *parser) fail() {
return
}

var (
line, column int
)
var line, column int
if p.parser.context_mark.line != 0 {
line = p.parser.context_mark.line
column = p.parser.context_mark.column
Expand Down
6 changes: 4 additions & 2 deletions decode_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,7 +289,6 @@ var unmarshalTests = []struct {
},
},
{

"- a?string\n- another ? string\n- key: value?\n- [a?string]\n- [another ? string]\n- {key: value? }\n- {key: value?}\n- {key?: value }\n",
[]any{
"a?string",
Expand Down Expand Up @@ -1265,7 +1264,7 @@ func TestDecoder(t *testing.T) {
}

func TestDecoderReadError(t *testing.T) {
var testError = errors.New("some read error")
testError := errors.New("some read error")
err := yaml.NewDecoder(iotest.ErrReader(testError)).Decode(&struct{}{})
require.ErrorIs(t, err, testError)
}
Expand Down Expand Up @@ -1483,6 +1482,9 @@ var unmarshalErrorTests = []struct {
{"a: foo\nb: *\n", "yaml: line 2:3: did not find expected alphabetic or numeric character"},
{"a: foo\nb: *,\n", "yaml: line 2:3: did not find expected alphabetic or numeric character"},

// Invalid tag UTF-8.
{"a: !%C0%80 bar", "yaml: offset 3: tag contains invalid UTF-8"},

// From https://github.com/go-yaml/yaml/pull/921.
{"a:\n- b: *,", `yaml: line 2:5: did not find expected alphabetic or numeric character`},
{"a:\n- b: *a{", `yaml: line 2:5: did not find expected alphabetic or numeric character`},
Expand Down
9 changes: 9 additions & 0 deletions parserc.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ package yaml

import (
"bytes"
"unicode/utf8"
)

// The parser implements the following grammar:
Expand Down Expand Up @@ -547,6 +548,14 @@ func yaml_parser_parse_node(parser *yaml_parser_t, event *yaml_event_t, block, i
}
}
}
if len(tag) > 0 {
if !utf8.Valid(tag) {
yaml_parser_set_parser_error_context(parser,
"while parsing a node", start_mark,
"tag contains invalid UTF-8", tag_mark)
return false
}
}

implicit := len(tag) == 0
if indentless_sequence && token.typ == yaml_BLOCK_ENTRY_TOKEN {
Expand Down

0 comments on commit efa05be

Please sign in to comment.