aboutsummaryrefslogtreecommitdiff
path: root/lua_cjson.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* bugfix: Lua cjson and cmsgpack integer overflow issues (CVE-2022-24834)Oran Agra2023-07-181-3/+6
| | | | | | | * Fix integer overflows due to using wrong integer size. * Add assertions / panic when overflow still happens. Co-authored-by: Yossi Gottlieb <yossigo@gmail.com>
* feature: Add option to skip invalid value types. lijunlong2023-02-221-14/+45
| | | Co-authored-by: Jesper Lundgren <jesperlundgren@exosite.com>
* bumped version to 2.1.0.11. (#86)Johnny Wang2023-01-191-1/+1
|
* bugfix: empty_array can not work on Apple because csjon did not compare ↵Datong Sun2022-01-131-1/+1
| | | | | | | | light userdata address with masked address (#82) Since we used `json_lightudata_mask` when creating lightuserdata, same mask should be applied when comparing the return of `touserdata` Fixes #81.
* bumped version to 2.1.0.10. (#79)2.1.0.10rc12.1.0.10Johnny Wang2021-12-101-1/+1
|
* bump version to 2.1.0.92.1.0.9leaf corcoran2021-02-151-1/+1
|
* use macro instead of header defines for Lua 5.2+ supportleaf corcoran2020-04-251-4/+4
|
* support lua 5.3 with LUA_COMPAT_5_1leaf corcoran2020-04-251-0/+1
|
* support lua 5.2 with LUA_COMPAT_ALLleaf corcoran2020-04-251-0/+3
|
* feature: add option to disable forward slash escaping2.1.0.8rc12.1.0.8Jesper Lundgren2020-03-241-0/+18
| | | | Thanks @spacewander for optimization and documentation.
* bugfix: we now only apply the lightuserdata mask on platforms that are at ↵2.1.0.7rc22.1.0.7罗泽轩2018-12-071-0/+5
| | | | least 64bits.
* feature: ported to the ARM64 platform by masking off the bits higher than ↵2.1.0.7rc1spacewander2018-10-171-9/+14
| | | | | | 47-bit in the lightud. Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* bumped version to 2.1.0.6.2.1.0.6Yichun Zhang (agentzh)2018-04-191-1/+1
|
* optimize: improved forward-compatibility with older versions of Lua/LuaJIT.Thibault Charbonnier2018-01-021-6/+9
| | | | Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* bugfix: fixed the C compiler warning "SO C90 forbids mixed declarations and ↵2.1.0.6rc2Yichun Zhang (agentzh)2017-11-171-2/+3
| | | | code" on older operating systems.
* feature: set cjson.array_mt on decoded JSON arrays.2.1.0.6rc1Thibault Charbonnier2017-11-171-0/+21
| | | | | | | this can be turned on via cjson.decode_array_with_array_mt(true). off by default. Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* feature: added new cjson.array_mt metatable to allow enforcing JSON array ↵Thibault Charbonnier2017-11-151-17/+46
| | | | | | encoding. Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* bugfix: fixed a -Wsign-compare compiler warning.gnought2017-04-101-1/+1
| | | | Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* bugfix: conditionally build luaL_setfuncs() function as the latest LuaJIT ↵2.1.0.5Datong Sun2017-04-051-2/+3
| | | | v2.1 already includes it. fixes #21.
* feature: supports MS C compiler older than VC2012.spacewander2017-01-311-0/+10
| | | | Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* bugfix: preserve 'empty_array_mt' behavior upon multiple loadings of the module.Thibault Charbonnier2016-12-171-3/+14
| | | | | | | | | | | | | Prior to this fix, when the module would be loaded several times (by-passing `package.loaded`), the `lua_cjson_new` function would override the `empty_array_mt` table in the registry with a new one. Comparison for equality between those tables would then fail, and the behavior would be broken. This was discovered after loading `cjson` *and* `cjson.safe` in the same application, resulting in two calls to `lua_cjson_new`. Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* bugfix: fixed compilation errors from the Microsoft C compiler.Tim Chen2016-11-061-0/+6
| | | | Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
* feat: cjson.as_array metamethod to enforce empty array encodingThibault Charbonnier2016-03-031-3/+34
| | | | | | | | | | | | | | A proposed improved patch of openresty/lua-cjson#1 (a patch commonly proposed to lua-cjson and its forks), taking into considerations comments from the original PR. - use a lightuserdata key to store the metatable in the Lua Registry (more efficient and avoiding conflicts) - provide a lightuserdata resulting in empty arrays as well - tests cases moved to t/agentzh.t, where cases for 'encode_empty_table_as_object' are already written. It seems like a better place for tests specific to the OpenResty fork's additions. - a more complex test case
* feature: now we allow up to 16 decimal places in JSON number encoding via ↵2.1.0.3Brandon2015-11-041-1/+1
| | | | | | | | cjson.encode_number_precision(). thanks lordnynex for the patch in #4. Test cases for changing precision
* feature: applied Jiale Zhi's patch to add the new config function ↵2.1.0.1Yichun Zhang (agentzh)2014-02-181-1/+13
| | | | encode_empty_table_as_object so that we can encode empty Lua tables into empty JSON arrays.
* Use Javascript compat values for Infinity/NaNMark Pulford2012-03-041-4/+12
| | | | | Use Javascript compatible values for Infinity/NaN when encoding invalid numbers.
* Bump version to 2.1develMark Pulford2012-03-041-1/+1
|
* Add cjson.safe module to suppress exceptionsMark Pulford2012-03-041-0/+58
| | | | Add cjson.safe module to suppress exceptions during JSON conversions.
* Ignore DISABLE_INVALID_NUMBERS with builtin fpconvMark Pulford2012-03-041-12/+14
|
* Bump version to 2.0develMark Pulford2012-03-041-1/+1
| | | | | Bump version to 2.0devel due to significant changes and updated API (runtime config not fully backwards compatible).
* Reserve stack slot for luaL_error() during encodeMark Pulford2012-03-041-4/+11
| | | | | | | | | | Unlike "decode", encoding leaves both the key/value on the stack before descending. This leaves no spare room for luaL_error() in case the depth check or lua_checkstack() fails. Allocate an extra stack slot to ensure there is always room for luaL_error() in json_check_encode_depth(). Note: this would not have caused a crash or fault due to the EXTRA_STACK slot reserve, but it was a misuse of the Lua C API.
* Remove deprecated "refuse_invalid_numbers"Mark Pulford2012-03-041-38/+0
| | | | | | Remove deprecated "refuse_invalid_numbers" since the version number will be bumped to 1.1.0. Also remove "version" variable since it has been replaced by _VERSION.
* Bump development version to 1.1develMark Pulford2012-03-041-1/+1
|
* Disable registration of cjson global variableMark Pulford2012-03-041-7/+2
| | | | | | | Disable registration of cjson module table global variable in the default build. Automatically creating a variable in the global namespace can cause issues for other software and is no longer recommended with Lua.
* Return boolean values from configuration functionsMark Pulford2012-03-041-5/+8
| | | | | | Return boolean values from configuration functions to simplify usage in the common case. Eg,: if not cjson.encode_invalid_numbers() then .. end
* Add depth/index to decode depth error messageMark Pulford2012-03-041-2/+3
| | | | | | | | | Include depth and character index when throwing decode nesting errors. Pre-emptively add a test decoding a massively nested JSON array. Lua stack overflow faults are unlikely to occur on simple data structures. Valgrind can highlight stack allocation bugs with complicated JSON even if the test succeeds.
* Fix Lua C function stack overflow during encodingMark Pulford2012-03-041-7/+12
| | | | | | | | | Ensure there are enough Lua stack slots available before descending into another table during encoding. This fixes a segfault when encoding deeply nested tables. This bug wasn't noticed earlier due to the previous limit of 20 nested tables.
* Simplify configuration function codeMark Pulford2012-03-041-60/+47
| | | | | | | Simplify configuration functions by adding an argument position parameter to json_enum_option() and json_integer_option(). Create json_arg_init() to check the number of arguments and return the config data.
* Merge lua_json_decode() into json_decode()Mark Pulford2012-03-041-28/+14
| | | | Also ensure cjson.decode() only receives a single argument.
* Update copyright date range to include 2012Mark Pulford2012-03-041-2/+2
|
* Change default nesting limits to 1000Mark Pulford2012-03-041-2/+2
| | | | | Increase the default nesting limits to reduce the chance of accidently throwing an error on valid JSON out of the box.
* Add option to encode invalid numbers as "null"Mark Pulford2012-03-041-65/+109
| | | | | Deprecate and replace refuse_invalid_numbers() with encode_invalid_numbers() and decode_invalid_numbers().
* Add configurable decode nesting limitMark Pulford2012-03-041-35/+63
| | | | | | | | | | | Lua 5.2 is able to extend the Lua stack much further than earlier versions. Recent testing shows it is possible for Lua CJSON to hit the process stack limit and segfault. Add a configurable JSON object/array nesting limit to prevent running out of process stack space. The current limit is 20 (same as encode). Add decode_max_depth() configuration function.
* Improve performance by tracking decode ptrMark Pulford2012-03-041-46/+49
| | | | | | | | | Track pointer to the current location in the JSON string, instead of an index to the string array. Improves decode performance 1-10%. json_next_token(): - Clean up white space handling and leave "ch" containing the current non-whitespace character.
* Fix typos (lists, hexadecimal)Mark Pulford2012-01-021-2/+2
|
* Add build option to disable invalid numbersMark Pulford2012-01-011-0/+15
| | | | | Windows MinGW doesn't convert Infinity/NaN/hexadecimal numbers. Add DISABLE_INVALID_NUMBERS build option option to disable invalid numbers.
* Sanitise locale code, comments and documentationMark Pulford2012-01-011-5/+2
|
* Minor code cleanupMark Pulford2011-12-311-10/+12
| | | | | | - Sanitised arg ordering to encode functions - Commented json->tmp to explain why decode string processing uses strbuf_*_unsafe() functions.
* Remove "update_locale" Lua functionMark Pulford2011-12-311-8/+0
| | | | | | | Only update the locale when the module is initialised. cjson.new() can be used if the locale changes part way through program execution.
* Add option for private bufferMark Pulford2011-12-311-26/+44
| | | | | | When encode_keep_buffer is false, a private buffer will be used. This will allow multiple encoders to run within a single Lua state.