From 9d8f6d9fc2a91f20dfc1d3c531459f37fa642a49 Mon Sep 17 00:00:00 2001 From: David Steele Date: Fri, 24 Jul 2020 10:47:51 -0400 Subject: [PATCH] Error in jsonToVar() when input not entirely consumed. Something like 3="string" would return an Int64 variant and ignore the invalid portion after the integer. Other JSON interface functions have this check but it was forgotten here. There are no current issues because of this but we want to be able to validate arbitrary JSON strings and this function was not working correctly for that usage. --- src/common/type/json.c | 7 ++++++- test/src/module/common/typeJsonTest.c | 1 + 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/src/common/type/json.c b/src/common/type/json.c index 1a3cc913c0..e9c2cfde6f 100644 --- a/src/common/type/json.c +++ b/src/common/type/json.c @@ -584,7 +584,12 @@ jsonToVar(const String *json) const char *jsonPtr = strPtr(json); unsigned int jsonPos = 0; - FUNCTION_LOG_RETURN(VARIANT, jsonToVarInternal(jsonPtr, &jsonPos)); + Variant *result = jsonToVarInternal(jsonPtr, &jsonPos); + + if (jsonPos != strSize(json)) + THROW_FMT(JsonFormatError, "unexpected characters after JSON at '%s'", strPtr(json) + jsonPos); + + FUNCTION_LOG_RETURN(VARIANT, result); } /**********************************************************************************************************************************/ diff --git a/test/src/module/common/typeJsonTest.c b/test/src/module/common/typeJsonTest.c index e79f3028ed..c23dbe9e81 100644 --- a/test/src/module/common/typeJsonTest.c +++ b/test/src/module/common/typeJsonTest.c @@ -72,6 +72,7 @@ testRun(void) TEST_ERROR(jsonToVar(strNew("")), JsonFormatError, "expected data"); TEST_ERROR(jsonToVar(strNew(" \t\r\n ")), JsonFormatError, "expected data"); TEST_ERROR(jsonToVar(strNew("z")), JsonFormatError, "invalid type at 'z'"); + TEST_ERROR(jsonToVar(strNew("3 =")), JsonFormatError, "unexpected characters after JSON at '='"); // ------------------------------------------------------------------------------------------------------------------------- TEST_RESULT_STR_Z(varStr(jsonToVar(strNew(" \"test\""))), "test", "simple string");