From 75b9030c797e4b10199842c298f80368d585c0b8 Mon Sep 17 00:00:00 2001 From: Protobuf Team Bot Date: Tue, 7 Nov 2023 14:38:26 +0000 Subject: [PATCH] Auto-generate files after cl/580158012 --- php/ext/google/protobuf/php-upb.c | 26 ++++++++++++++++++++++---- ruby/ext/google/protobuf_c/ruby-upb.c | 26 ++++++++++++++++++++++---- 2 files changed, 44 insertions(+), 8 deletions(-) diff --git a/php/ext/google/protobuf/php-upb.c b/php/ext/google/protobuf/php-upb.c index f20fc800d8..4225aa3a7d 100644 --- a/php/ext/google/protobuf/php-upb.c +++ b/php/ext/google/protobuf/php-upb.c @@ -3064,6 +3064,10 @@ void upb_strtable_setentryvalue(upb_strtable* t, intptr_t iter, upb_value v) { #include #include #include +#include +#include +#include +#include #include #include @@ -3180,6 +3184,10 @@ static void jsondec_entrysep(jsondec* d) { } static int jsondec_rawpeek(jsondec* d) { + if (d->ptr == d->end) { + jsondec_err(d, "Unexpected EOF"); + } + switch (*d->ptr) { case '{': return JD_OBJECT; @@ -3295,7 +3303,7 @@ static void jsondec_skipdigits(jsondec* d) { static double jsondec_number(jsondec* d) { const char* start = d->ptr; - assert(jsondec_rawpeek(d) == JD_NUMBER); + UPB_ASSERT(jsondec_rawpeek(d) == JD_NUMBER); /* Skip over the syntax of a number, as specified by JSON. */ if (*d->ptr == '-') d->ptr++; @@ -3330,9 +3338,19 @@ parse: * (strtod() accepts a superset of JSON syntax). */ errno = 0; { + // Copy the number into a null-terminated scratch buffer since strtod + // expects a null-terminated string. + char nullz[64]; + ptrdiff_t len = d->ptr - start; + if (len > (ptrdiff_t)(sizeof(nullz) - 1)) { + jsondec_err(d, "excessively long number"); + } + memcpy(nullz, start, len); + nullz[len] = '\0'; + char* end; - double val = strtod(start, &end); - assert(end == d->ptr); + double val = strtod(nullz, &end); + UPB_ASSERT(end - nullz == len); /* Currently the min/max-val conformance tests fail if we check this. Does * this mean the conformance tests are wrong or strtod() is wrong, or @@ -3473,7 +3491,7 @@ static upb_StringView jsondec_string(jsondec* d) { } break; default: - if ((unsigned char)*d->ptr < 0x20) { + if ((unsigned char)ch < 0x20) { jsondec_err(d, "Invalid char in JSON string"); } *end++ = ch; diff --git a/ruby/ext/google/protobuf_c/ruby-upb.c b/ruby/ext/google/protobuf_c/ruby-upb.c index 332aaea4e5..998f4c0891 100644 --- a/ruby/ext/google/protobuf_c/ruby-upb.c +++ b/ruby/ext/google/protobuf_c/ruby-upb.c @@ -2579,6 +2579,10 @@ void upb_strtable_setentryvalue(upb_strtable* t, intptr_t iter, upb_value v) { #include #include #include +#include +#include +#include +#include #include #include @@ -2695,6 +2699,10 @@ static void jsondec_entrysep(jsondec* d) { } static int jsondec_rawpeek(jsondec* d) { + if (d->ptr == d->end) { + jsondec_err(d, "Unexpected EOF"); + } + switch (*d->ptr) { case '{': return JD_OBJECT; @@ -2810,7 +2818,7 @@ static void jsondec_skipdigits(jsondec* d) { static double jsondec_number(jsondec* d) { const char* start = d->ptr; - assert(jsondec_rawpeek(d) == JD_NUMBER); + UPB_ASSERT(jsondec_rawpeek(d) == JD_NUMBER); /* Skip over the syntax of a number, as specified by JSON. */ if (*d->ptr == '-') d->ptr++; @@ -2845,9 +2853,19 @@ parse: * (strtod() accepts a superset of JSON syntax). */ errno = 0; { + // Copy the number into a null-terminated scratch buffer since strtod + // expects a null-terminated string. + char nullz[64]; + ptrdiff_t len = d->ptr - start; + if (len > (ptrdiff_t)(sizeof(nullz) - 1)) { + jsondec_err(d, "excessively long number"); + } + memcpy(nullz, start, len); + nullz[len] = '\0'; + char* end; - double val = strtod(start, &end); - assert(end == d->ptr); + double val = strtod(nullz, &end); + UPB_ASSERT(end - nullz == len); /* Currently the min/max-val conformance tests fail if we check this. Does * this mean the conformance tests are wrong or strtod() is wrong, or @@ -2988,7 +3006,7 @@ static upb_StringView jsondec_string(jsondec* d) { } break; default: - if ((unsigned char)*d->ptr < 0x20) { + if ((unsigned char)ch < 0x20) { jsondec_err(d, "Invalid char in JSON string"); } *end++ = ch;