Merge pull request #719 from nicolasnoble/security

Addressing security concerns.
changes/54/217554/1^2
jboeuf 10 years ago
commit 7885ffebe8
  1. 4
      src/core/json/json.c
  2. 2
      src/core/json/json_reader.c
  3. 7
      src/core/json/json_writer.c
  4. 2
      test/core/json/json_test.c

@ -38,8 +38,8 @@
#include "src/core/json/json.h" #include "src/core/json/json.h"
grpc_json *grpc_json_create(grpc_json_type type) { grpc_json *grpc_json_create(grpc_json_type type) {
grpc_json *json = gpr_malloc(sizeof(grpc_json)); grpc_json *json = gpr_malloc(sizeof(*json));
memset(json, 0, sizeof(grpc_json)); memset(json, 0, sizeof(*json));
json->type = type; json->type = type;
return json; return json;

@ -93,7 +93,7 @@ static void json_reader_set_null(grpc_json_reader* reader) {
/* Call this function to initialize the reader structure. */ /* Call this function to initialize the reader structure. */
void grpc_json_reader_init(grpc_json_reader* reader, void grpc_json_reader_init(grpc_json_reader* reader,
grpc_json_reader_vtable* vtable, void* userdata) { grpc_json_reader_vtable* vtable, void* userdata) {
memset(reader, 0, sizeof(grpc_json_reader)); memset(reader, 0, sizeof(*reader));
reader->vtable = vtable; reader->vtable = vtable;
reader->userdata = userdata; reader->userdata = userdata;
json_reader_string_clear(reader); json_reader_string_clear(reader);

@ -51,7 +51,7 @@ static void json_writer_output_string_with_len(grpc_json_writer* writer, const c
void grpc_json_writer_init(grpc_json_writer* writer, int indent, void grpc_json_writer_init(grpc_json_writer* writer, int indent,
grpc_json_writer_vtable* vtable, void* userdata) { grpc_json_writer_vtable* vtable, void* userdata) {
memset(writer, 0, sizeof(grpc_json_writer)); memset(writer, 0, sizeof(*writer));
writer->container_empty = 1; writer->container_empty = 1;
writer->indent = indent; writer->indent = indent;
writer->vtable = vtable; writer->vtable = vtable;
@ -117,10 +117,10 @@ static void json_writer_escape_string(grpc_json_writer* writer,
gpr_uint8 c = (gpr_uint8)*string++; gpr_uint8 c = (gpr_uint8)*string++;
if (c == 0) { if (c == 0) {
break; break;
} else if ((c >= 32) && (c <= 127)) { } else if ((c >= 32) && (c <= 126)) {
if ((c == '\\') || (c == '"')) json_writer_output_char(writer, '\\'); if ((c == '\\') || (c == '"')) json_writer_output_char(writer, '\\');
json_writer_output_char(writer, c); json_writer_output_char(writer, c);
} else if (c < 32) { } else if ((c < 32) || (c == 127)) {
switch (c) { switch (c) {
case '\b': case '\b':
json_writer_output_string_with_len(writer, "\\b", 2); json_writer_output_string_with_len(writer, "\\b", 2);
@ -161,6 +161,7 @@ static void json_writer_escape_string(grpc_json_writer* writer,
for (i = 0; i < extra; i++) { for (i = 0; i < extra; i++) {
utf32 <<= 6; utf32 <<= 6;
c = *string++; c = *string++;
/* Breaks out and bail on any invalid UTF-8 sequence, including \0. */
if ((c & 0xc0) != 0x80) { if ((c & 0xc0) != 0x80) {
valid = 0; valid = 0;
break; break;
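Review bot: In the continuation-byte loop of json_writer_escape_string, `c = *string++` has already advanced `string` past the terminator when the rejected byte is `\0`, so the bail-out is only safe if the code after the loop never reads `*string` again, and that code is not in this hunk. The added comment should state that invariant rather than only the break, for example `/* Stop on any invalid continuation byte, including \0; string now points past it, so the code after this loop must return without reading *string again. */`. The comment's grammar is also off ("Breaks out and bail"). The function starts and ends outside the hunk, so an immediate return on `valid == 0` is presumed from the test expectations rather than visible here.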

@ -65,7 +65,7 @@ static testing_pair testing_pairs[] = {
/* Testing nested empty containers. */ /* Testing nested empty containers. */
{ " [ [ ] , { } , [ ] ] ", "[[],{},[]]", }, { " [ [ ] , { } , [ ] ] ", "[[],{},[]]", },
/* Testing escapes and control chars in key strings. */ /* Testing escapes and control chars in key strings. */
{ " { \"\\n\\\\a , b\": 1, \"\": 0 } ", "{\"\\n\\\\a , b\":1,\"\":0}" }, { " { \"\x7f\\n\\\\a , b\": 1, \"\": 0 } ", "{\"\\u007f\\n\\\\a , b\":1,\"\":0}" },
/* Testing the writer's ability to cut off invalid UTF-8 sequences. */ /* Testing the writer's ability to cut off invalid UTF-8 sequences. */
{ "\"abc\xf0\x9d\x24\"", "\"abc\"" }, { "\"abc\xf0\x9d\x24\"", "\"abc\"" },
{ "\"\xff\"", "\"\"" }, { "\"\xff\"", "\"\"" },
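Review bot: The modified pair in testing_pairs exercises 0x7f, but nothing pins the other side of the boundary that the writer change moved from 127 to 126. A later off-by-one that starts escaping `~` (0x7e) would therefore still pass. A pair such as `{ "\"~\x7f\"", "\"~\\u007f\"" },` would cover both sides in one case. Editing the existing escape test in place also drops the original input without DEL, so keeping that pair and adding a new one would preserve the earlier coverage. The array starts and ends outside the hunk.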
