mirror of
https://github.com/qpdf/qpdf.git
synced 2024-12-22 10:58:58 +00:00
In JSONParser::getToken reject illegal control characters
This commit is contained in:
parent
1b89e7684e
commit
5ac6a12e0a
@ -780,10 +780,22 @@ JSONParser::getToken()
|
||||
}
|
||||
}
|
||||
|
||||
if (*p == 0) {
|
||||
if ((*p < 32 && *p >= 0)) {
|
||||
if (*p == '\t' || *p == '\n' || *p == '\r') {
|
||||
// Legal white space not permitted in strings. This will always
|
||||
// end the current token (unless we are still before the start
|
||||
// of the token).
|
||||
if (lex_state == ls_top) {
|
||||
// Continue with token
|
||||
} else {
|
||||
// done
|
||||
}
|
||||
} else {
|
||||
QTC::TC("libtests", "JSON parse null character");
|
||||
throw std::runtime_error(
|
||||
"JSON: null character at offset " + std::to_string(offset));
|
||||
"JSON: control or null character at offset " +
|
||||
std::to_string(offset));
|
||||
}
|
||||
}
|
||||
action = append;
|
||||
switch (lex_state) {
|
||||
|
@ -125,6 +125,10 @@ my @bad = (
|
||||
"e after minus", # 42
|
||||
"missing digit after e", # 43
|
||||
"missing digit after e+/-", # 44
|
||||
# "tab char in string", # 45
|
||||
# "cr char in string", # 46
|
||||
# "lf char in string", # 47
|
||||
# "bs char in string", # 48
|
||||
);
|
||||
|
||||
my $i = 0;
|
||||
|
@ -1 +1 @@
|
||||
exception: bad-18.json: JSON: null character at offset 5
|
||||
exception: bad-18.json: JSON: control or null character at offset 5
|
||||
|
1
libtests/qtest/json_parse/bad-45.json
Normal file
1
libtests/qtest/json_parse/bad-45.json
Normal file
@ -0,0 +1 @@
|
||||
"Tab in str ing"
|
1
libtests/qtest/json_parse/bad-45.out
Normal file
1
libtests/qtest/json_parse/bad-45.out
Normal file
@ -0,0 +1 @@
|
||||
"Tab in str\ting"
|
1
libtests/qtest/json_parse/bad-46.json
Normal file
1
libtests/qtest/json_parse/bad-46.json
Normal file
@ -0,0 +1 @@
|
||||
"cr in str
ing"
|
1
libtests/qtest/json_parse/bad-46.out
Normal file
1
libtests/qtest/json_parse/bad-46.out
Normal file
@ -0,0 +1 @@
|
||||
"cr in str\ring"
|
2
libtests/qtest/json_parse/bad-47.json
Normal file
2
libtests/qtest/json_parse/bad-47.json
Normal file
@ -0,0 +1,2 @@
|
||||
"lf in str
|
||||
ing"
|
1
libtests/qtest/json_parse/bad-47.out
Normal file
1
libtests/qtest/json_parse/bad-47.out
Normal file
@ -0,0 +1 @@
|
||||
"lf in str\ning"
|
1
libtests/qtest/json_parse/bad-48.json
Normal file
1
libtests/qtest/json_parse/bad-48.json
Normal file
@ -0,0 +1 @@
|
||||
"bs in string"
|
1
libtests/qtest/json_parse/bad-48.out
Normal file
1
libtests/qtest/json_parse/bad-48.out
Normal file
@ -0,0 +1 @@
|
||||
exception: bad-48.json: JSON: control or null character at offset 10
|
Loading…
Reference in New Issue
Block a user