OpenSystemsDevelopment / qpdf

Commit 5ac6a12e0a76613d29edc65beb6b99af45172493

Authored by m-holger
1 parent 1b89e768

In JSONParser::getToken reject illegal control characters

Inline Side-by-side
Showing 11 changed files with 30 additions and 5 deletions
libqpdf/JSON.cc
  View file @5ac6a12
@@ -780,10 +780,22 @@ JSONParser::getToken() @@ -780,10 +780,22 @@ JSONParser::getToken()
780 } 780 }
781 } 781 }
782 782
783 - if (*p == 0) {  
784 - QTC::TC("libtests", "JSON parse null character");  
785 - throw std::runtime_error(  
786 - "JSON: null character at offset " + std::to_string(offset)); 783 + if ((*p < 32 && *p >= 0)) {
  784 + if (*p == '\t' || *p == '\n' || *p == '\r') {
  785 + // Legal white space not permitted in strings. This will always
  786 + // end the current token (unless we are still before the start
  787 + // of the token).
  788 + if (lex_state == ls_top) {
  789 + // Continue with token
  790 + } else {
  791 + // done
  792 + }
  793 + } else {
  794 + QTC::TC("libtests", "JSON parse null character");
  795 + throw std::runtime_error(
  796 + "JSON: control or null character at offset " +
  797 + std::to_string(offset));
  798 + }
787 } 799 }
788 action = append; 800 action = append;
789 switch (lex_state) { 801 switch (lex_state) {
libtests/qtest/json_parse.test
  View file @5ac6a12
@@ -125,6 +125,10 @@ my @bad = ( @@ -125,6 +125,10 @@ my @bad = (
125 "e after minus", # 42 125 "e after minus", # 42
126 "missing digit after e", # 43 126 "missing digit after e", # 43
127 "missing digit after e+/-", # 44 127 "missing digit after e+/-", # 44
  128 + # "tab char in string", # 45
  129 + # "cr char in string", # 46
  130 + # "lf char in string", # 47
  131 + # "bs char in string", # 48
128 ); 132 );
129 133
130 my $i = 0; 134 my $i = 0;
libtests/qtest/json_parse/bad-18.out
  View file @5ac6a12
1 -exception: bad-18.json: JSON: null character at offset 5 1 +exception: bad-18.json: JSON: control or null character at offset 5
libtests/qtest/json_parse/bad-45.json 0 → 100644
  View file @5ac6a12
  1 +"Tab in str ing"
libtests/qtest/json_parse/bad-45.out 0 → 100644
  View file @5ac6a12
  1 +"Tab in str\ting"
libtests/qtest/json_parse/bad-46.json 0 → 100644
  View file @5ac6a12
  1 +"cr in str ing"
libtests/qtest/json_parse/bad-46.out 0 → 100644
  View file @5ac6a12
  1 +"cr in str\ring"
libtests/qtest/json_parse/bad-47.json 0 → 100644
  View file @5ac6a12
  1 +"lf in str
  2 +ing"
libtests/qtest/json_parse/bad-47.out 0 → 100644
  View file @5ac6a12
  1 +"lf in str\ning"
libtests/qtest/json_parse/bad-48.json 0 → 100644
  View file @5ac6a12
  1 +"bs in string"
0 \ No newline at end of file 2 \ No newline at end of file
libtests/qtest/json_parse/bad-48.out 0 → 100644
  View file @5ac6a12
  1 +exception: bad-48.json: JSON: control or null character at offset 10