Merge pull request #5803 from nicolasnoble/what-the-fuzz

Fixing json parsing issues detected by libfuzz.
8 years ago · eedc335580
parent 1e6e21b745 18c71117b0
commit eedc335580
2 changed files with 10 additions and 6 deletions
--- a/src/core/lib/json/json_reader.c
+++ b/src/core/lib/json/json_reader.c
@ -1,6 +1,6 @@
 /*
 *
- * Copyright 2015, Google Inc.
+ * Copyright 2015-2016, Google Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
@ -171,8 +171,9 @@ grpc_json_reader_status grpc_json_reader_run(grpc_json_reader *reader) {
        switch (reader->state) {
          case GRPC_JSON_STATE_OBJECT_KEY_STRING:
          case GRPC_JSON_STATE_VALUE_STRING:
-            if (reader->unicode_high_surrogate != 0)
+            if (reader->unicode_high_surrogate != 0) {
              return GRPC_JSON_PARSE_ERROR;
+            }
            json_reader_string_add_char(reader, c);
            break;

@ -289,8 +290,9 @@ grpc_json_reader_status grpc_json_reader_run(grpc_json_reader *reader) {
            break;

          case GRPC_JSON_STATE_OBJECT_KEY_STRING:
-            if (reader->unicode_high_surrogate != 0)
+            if (reader->unicode_high_surrogate != 0) {
              return GRPC_JSON_PARSE_ERROR;
+            }
            if (c == '"') {
              reader->state = GRPC_JSON_STATE_OBJECT_KEY_END;
              json_reader_set_key(reader);
@ -302,8 +304,9 @@ grpc_json_reader_status grpc_json_reader_run(grpc_json_reader *reader) {
            break;

          case GRPC_JSON_STATE_VALUE_STRING:
-            if (reader->unicode_high_surrogate != 0)
+            if (reader->unicode_high_surrogate != 0) {
              return GRPC_JSON_PARSE_ERROR;
+            }
            if (c == '"') {
              reader->state = GRPC_JSON_STATE_VALUE_END;
              json_reader_set_string(reader);
@ -383,8 +386,9 @@ grpc_json_reader_status grpc_json_reader_run(grpc_json_reader *reader) {
            } else {
              reader->state = GRPC_JSON_STATE_VALUE_STRING;
            }
-            if (reader->unicode_high_surrogate && c != 'u')
+            if (reader->unicode_high_surrogate && c != 'u') {
              return GRPC_JSON_PARSE_ERROR;
+            }
            switch (c) {
              case '"':
              case '/':
--- a/test/core/json/json_test.c
+++ b/test/core/json/json_test.c
@ -1,6 +1,6 @@
 /*
 *
- * Copyright 2015, Google Inc.
+ * Copyright 2015-2016, Google Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without