diff options
| author | Mark Pulford <mark@kyne.com.au> | 2011-05-03 22:59:42 +0930 |
|---|---|---|
| committer | Mark Pulford <mark@kyne.com.au> | 2011-05-03 22:59:42 +0930 |
| commit | ce3a769dbdd13571b5b761d933e17e8fe5771739 (patch) | |
| tree | bfa15a9c639f58323fe1fe1451045d5cd9eac383 /lua_cjson.c | |
| parent | e1001b2f316448ce171434f31410ffc150877a82 (diff) | |
| download | lua-cjson-ce3a769dbdd13571b5b761d933e17e8fe5771739.tar.gz lua-cjson-ce3a769dbdd13571b5b761d933e17e8fe5771739.tar.bz2 lua-cjson-ce3a769dbdd13571b5b761d933e17e8fe5771739.zip | |
Generate parse error for invalid leading zeros
Diffstat (limited to 'lua_cjson.c')
| -rw-r--r-- | lua_cjson.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/lua_cjson.c b/lua_cjson.c index 5f518f6..c7d65af 100644 --- a/lua_cjson.c +++ b/lua_cjson.c | |||
| @@ -732,6 +732,7 @@ static void json_next_string_token(json_parse_t *json, json_token_t *token) | |||
| 732 | * - numbers starting with '+' | 732 | * - numbers starting with '+' |
| 733 | * - NaN, -NaN, infinity, -infinity | 733 | * - NaN, -NaN, infinity, -infinity |
| 734 | * - hexidecimal numbers | 734 | * - hexidecimal numbers |
| 735 | * - numbers with leading zeros | ||
| 735 | * | 736 | * |
| 736 | * json_is_invalid_number() detects "numbers" which may pass strtod()'s | 737 | * json_is_invalid_number() detects "numbers" which may pass strtod()'s |
| 737 | * error checking, but should not be allowed with strict JSON. | 738 | * error checking, but should not be allowed with strict JSON. |
| @@ -742,25 +743,33 @@ static void json_next_string_token(json_parse_t *json, json_token_t *token) | |||
| 742 | static int json_is_invalid_number(json_parse_t *json) | 743 | static int json_is_invalid_number(json_parse_t *json) |
| 743 | { | 744 | { |
| 744 | int i = json->index; | 745 | int i = json->index; |
| 745 | char ch; | ||
| 746 | 746 | ||
| 747 | /* Reject numbers starting with + */ | 747 | /* Reject numbers starting with + */ |
| 748 | if (json->data[i] == '+') | 748 | if (json->data[i] == '+') |
| 749 | return 1; | 749 | return 1; |
| 750 | 750 | ||
| 751 | /* Skip minus sign if it exists */ | ||
| 751 | if (json->data[i] == '-') | 752 | if (json->data[i] == '-') |
| 752 | i++; | 753 | i++; |
| 753 | 754 | ||
| 754 | /* Reject numbers starting with 0x, pass other numbers starting | 755 | /* Reject numbers starting with 0x, or leading zeros */ |
| 755 | * with 0 */ | 756 | if (json->data[i] == '0') { |
| 756 | if (json->data[i] == '0') | 757 | int ch2 = json->data[i + 1]; |
| 757 | return ((json->data[i + 1] | 0x20) == 'x'); | 758 | |
| 759 | if ((ch2 | 0x20) == 'x' || /* Hex */ | ||
| 760 | ('0' <= ch2 && ch2 <= '9')) /* Leading zero */ | ||
| 761 | return 1; | ||
| 762 | |||
| 763 | return 0; | ||
| 764 | } else if (json->data[i] <= '9') { | ||
| 765 | return 0; /* Ordinary number */ | ||
| 766 | } | ||
| 767 | |||
| 758 | 768 | ||
| 759 | /* Reject inf/nan */ | 769 | /* Reject inf/nan */ |
| 760 | ch = json->data[i] | 0x20; | 770 | if (!strncasecmp(&json->data[i], "inf", 3)) |
| 761 | if (ch == 'i' && !strncasecmp(&json->data[i], "inf", 3)) | ||
| 762 | return 1; | 771 | return 1; |
| 763 | if (ch == 'n' && !strncasecmp(&json->data[i], "nan", 3)) | 772 | if (!strncasecmp(&json->data[i], "nan", 3)) |
| 764 | return 1; | 773 | return 1; |
| 765 | 774 | ||
| 766 | /* Pass all other numbers which may still be invalid, but | 775 | /* Pass all other numbers which may still be invalid, but |