Skip to content

Commit

Permalink
add validity check for JSONObject constructors
Browse files Browse the repository at this point in the history
* fixes #713
* document JSONException in JavaDoc
* remove unused Comparable<T> boundary to reuse GenericBean in test
  • Loading branch information
Madjosz committed Oct 4, 2023
1 parent beb2fb5 commit 43b2569
Show file tree
Hide file tree
Showing 3 changed files with 31 additions and 3 deletions.
6 changes: 6 additions & 0 deletions src/main/java/org/json/JSONObject.java
Original file line number Diff line number Diff line change
Expand Up @@ -283,6 +283,7 @@ public JSONObject(Map<?, ?> m) {
}
final Object value = e.getValue();
if (value != null) {
testValidity(value);
this.map.put(String.valueOf(e.getKey()), wrap(value));
}
}
Expand Down Expand Up @@ -346,6 +347,8 @@ public JSONObject(Map<?, ?> m) {
* @param bean
* An object that has getter methods that should be used to make
* a JSONObject.
* @throws JSONException
* If a getter returned a non-finite number.
*/
public JSONObject(Object bean) {
this();
Expand Down Expand Up @@ -1691,6 +1694,8 @@ public String optString(String key, String defaultValue) {
*
* @param bean
* the bean
* @throws JSONException
* If a getter returned a non-finite number.
*/
private void populateMap(Object bean) {
populateMap(bean, Collections.newSetFromMap(new IdentityHashMap<Object, Boolean>()));
Expand Down Expand Up @@ -1726,6 +1731,7 @@ && isValidMethodName(method.getName())) {

objectsRecord.add(result);

testValidity(result);
this.map.put(key, wrap(result, objectsRecord));

objectsRecord.remove(result);
Expand Down
26 changes: 24 additions & 2 deletions src/test/java/org/json/junit/JSONObjectTest.java
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
import static org.junit.Assert.assertNotEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertThrows;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
Expand Down Expand Up @@ -1972,7 +1973,7 @@ public void jsonObjectToStringIndent() {
@Test
public void jsonObjectToStringSuppressWarningOnCastToMap() {
JSONObject jsonObject = new JSONObject();
Map<String, String> map = new HashMap();
Map<String, String> map = new HashMap<>();
map.put("abc", "def");
jsonObject.put("key", map);

Expand Down Expand Up @@ -3283,7 +3284,7 @@ public void testSingletonEnumBean() {
@SuppressWarnings("boxing")
@Test
public void testGenericBean() {
GenericBean<Integer> bean = new GenericBean(42);
GenericBean<Integer> bean = new GenericBean<>(42);
final JSONObject jo = new JSONObject(bean);
assertEquals(jo.keySet().toString(), 8, jo.length());
assertEquals(42, jo.get("genericValue"));
Expand Down Expand Up @@ -3627,4 +3628,25 @@ public String toJSONString() {
.put("b", 2);
assertFalse(jo1.similar(jo3));
}

private static final Number[] NON_FINITE_NUMBERS = { Double.POSITIVE_INFINITY, Double.NEGATIVE_INFINITY, Double.NaN,
Float.POSITIVE_INFINITY, Float.NEGATIVE_INFINITY, Float.NaN };

@Test
public void issue713MapConstructorWithNonFiniteNumbers() {
for (Number nonFinite : NON_FINITE_NUMBERS) {
Map<String, Number> map = new HashMap<>();
map.put("a", nonFinite);

assertThrows(JSONException.class, () -> new JSONObject(map));
}
}

@Test
public void issue713BeanConstructorWithNonFiniteNumbers() {
for (Number nonFinite : NON_FINITE_NUMBERS) {
GenericBean<Number> bean = new GenericBean<>(nonFinite);
assertThrows(JSONException.class, () -> new JSONObject(bean));
}
}
}
2 changes: 1 addition & 1 deletion src/test/java/org/json/junit/data/GenericBean.java
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
* @param <T>
* generic number value
*/
public class GenericBean<T extends Number & Comparable<T>> implements MyBean {
public class GenericBean<T extends Number> implements MyBean {
/**
* @param genericValue
* value to initiate with
Expand Down

0 comments on commit 43b2569

Please sign in to comment.