Skip to content
Permalink
Browse files

fix invalid string to float convertion, see #27

  • Loading branch information
remicollet committed Feb 24, 2016
1 parent c0ffe9b commit c24fdc695810f16f57f6ca1b4dda11f7a8b74310
Showing with 93 additions and 4 deletions.
  1. +15 −2 json-c/json_tokener.c
  2. +3 −2 package.xml
  3. +75 −0 tests/json_decode_float.phpt
@@ -638,8 +638,21 @@ struct json_object* json_tokener_parse_ex(struct json_tokener *tok,

while(c && strchr(json_number_chars, c)) {
++case_len;
if(c == '.' || c == 'e' || c == 'E')
tok->is_double = 1;
if(c == '.') {
if (tok->is_double > 1) {
/* double dot, or dot after 'e' */
tok->err = json_tokener_error_parse_number;
goto out;
}
tok->is_double = 2;
} else if (c == 'e' || c == 'E') {
if (tok->is_double > 2) {
/* double 'e' */
tok->err = json_tokener_error_parse_number;
goto out;
}
tok->is_double = 3;
}
if (!ADVANCE_CHAR(str, tok) || !PEEK_CHAR(c, tok)) {
printbuf_memappend_fast(tok->pb, case_start, case_len);
goto out;
@@ -19,7 +19,7 @@ This is a drop-in alternative to PHP standard json extension.
<date>2015-09-15</date>
<time>13:00:00</time>
<version>
<release>1.3.9</release>
<release>1.3.10dev</release>
<api>1.3.0</api>
</version>
<stability>
@@ -28,7 +28,7 @@ This is a drop-in alternative to PHP standard json extension.
</stability>
<license>PHP 3.01</license>
<notes>
- fix #70499 segfault after json_decode
- fix gh#27 invalid string to float convertion
</notes>
<contents>
<dir name="/">
@@ -115,6 +115,7 @@ This is a drop-in alternative to PHP standard json extension.
<file name="inf_nan_error.phpt" role="test" />
<file name="json_decode_basic.phpt" role="test" />
<file name="json_decode_error.phpt" role="test" />
<file name="tests/json_decode_float.phpt" role="test" />
<file name="json_encode_basic.phpt" role="test" />
<file name="json_encode_basic_utf8.phpt" role="test" />
<file name="json_encode_error.phpt" role="test" />
@@ -0,0 +1,75 @@
--TEST--
Test json_decode() function with float
--SKIPIF--
<?php
if (!extension_loaded("json")) {
die('skip JSON extension not available in this build');
}
?>
--FILE--
<?php
$good = "[
3.367369e+26,
336736864456782105775439872.000000,
1.461826e-08,
0.000000,
1.391588e+22,
13915880780094861475840.000000,
2.116600e+23,
211660013157571985670144.000000,
1.120987e+32,
112098729821300864932370706333696.000000,
1.041024e-23,
0.000000,
4.131437e-13,
0.000000,
9.838910e+20,
983890996017493966848.000000,
1.540887e-17,
0.000000,
2.975840e+04,
29758.400391,
3.792641e-02,
0.037926,
1.710219e+10,
17102187520.000000,
8.060742e-11,
0.000000,
2.289013e+01,
22.890127,
1.471131e+35,
147113100255597364294271623793475584.000000,
2.508427e+32,
250842668277236002726935414177792.000000,
5.986161e+10,
59861614592.000000,
1.173108e+17,
117310761037987840.000000,
5.049736e-28,
0.000000,
3.715233e+08,
371523328.000000,
0
]";
$d = json_decode($good);
var_dump(is_array($d), count($d));

$bad = array(
"12.34.56.78",
"12.34e12.34",
"12e34e56",
"12e34.56",
);
foreach($bad as $t) {
var_dump(json_decode($t));
}
?>
Done
--EXPECT--
bool(true)
int(41)
NULL
NULL
NULL
NULL
Done

0 comments on commit c24fdc6

Please sign in to comment.
You can’t perform that action at this time.