ruby-changes:71890
From: Andrew <ko1@a...>
Date: Fri, 20 May 2022 18:02:06 +0900 (JST)
Subject: [ruby-changes:71890] a15d0e267a (master): [flori/json] Fix parser bug for empty string allocation
https://git.ruby-lang.org/ruby.git/commit/?id=a15d0e267a
From a15d0e267a8a429cf2a2a4358080666ee2260526 Mon Sep 17 00:00:00 2001
From: Andrew Bromwich <a.bromwich@g...>
Date: Wed, 20 Apr 2022 22:30:35 +1000
Subject: [flori/json] Fix parser bug for empty string allocation
When `HAVE_RB_ENC_INTERNED_STR` is enabled it is possible to pass through a null pointer to `rb_enc_interned_str` resulting in a segfault Fixes #495 https://github.com/flori/json/commit/b59368a8c2
---
 ext/json/parser/parser.c | 8 ++++++++
 ext/json/parser/parser.rl | 8 ++++++++
 test/json/json_parser_test.rb | 1 +
 3 files changed, 17 insertions(+)
diff --git a/ext/json/parser/parser.c b/ext/json/parser/parser.c
index b7de60ddfb..8b860c4101 100644
--- a/ext/json/parser/parser.c
+++ b/ext/json/parser/parser.c
@@ -2363,9 +2363,17 @@ static VALUE json_string_unescape(char *string, char *stringEnd, int intern, int https://github.com/ruby/ruby/blob/trunk/ext/json/parser/parser.c#L2363
 char buf[4];
 if (bufferSize > MAX_STACK_BUFFER_SIZE) {
+# ifdef HAVE_RB_ENC_INTERNED_STR
+ bufferStart = buffer = ALLOC_N(char, bufferSize ? bufferSize : 1);
+# else
 bufferStart = buffer = ALLOC_N(char, bufferSize);
+# endif
 } else {
+# ifdef HAVE_RB_ENC_INTERNED_STR
+ bufferStart = buffer = ALLOCA_N(char, bufferSize ? bufferSize : 1);
+# else
 bufferStart = buffer = ALLOCA_N(char, bufferSize);
+# endif
 }
 while (pe < stringEnd) {
diff --git a/ext/json/parser/parser.rl b/ext/json/parser/parser.rl
index 15e6b929f5..2dee80ee3b 100644
--- a/ext/json/parser/parser.rl
+++ b/ext/json/parser/parser.rl
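Review bot: The `# ifdef HAVE_RB_ENC_INTERNED_STR` / `# else` / `# endif` wrapping around each allocation leaves four copies of the size expression across the two branches and makes the allocated size depend on a build flag for no reason, since requesting at least one byte is equally harmless when `rb_enc_interned_str` is not available. Keep only `bufferStart = buffer = ALLOC_N(char, bufferSize ? bufferSize : 1);` and `bufferStart = buffer = ALLOCA_N(char, bufferSize ? bufferSize : 1);` and drop the preprocessor conditionals. The reason for the minimum should also be recorded next to the code, because nothing in the hunk says why 0 becomes 1; a comment such as `/* a zero-byte request can yield NULL, which the empty-string case would hand to rb_enc_interned_str */` captures what the commit message states. The hunk in ext/json/parser/parser.rl has the same shape and should be changed the same way (parser.c appears to be the generated output of parser.rl, so the .rl is the one to edit). json_string_unescape's signature is visible only in the hunk header and its body continues outside the hunk, including the call that consumes bufferStart.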
@@ -462,9 +462,17 @@ static VALUE json_string_unescape(char *string, char *stringEnd, int intern, int https://github.com/ruby/ruby/blob/trunk/ext/json/parser/parser.rl#L462
 char buf[4];
 if (bufferSize > MAX_STACK_BUFFER_SIZE) {
+# ifdef HAVE_RB_ENC_INTERNED_STR
+ bufferStart = buffer = ALLOC_N(char, bufferSize ? bufferSize : 1);
+# else
 bufferStart = buffer = ALLOC_N(char, bufferSize);
+# endif
 } else {
+# ifdef HAVE_RB_ENC_INTERNED_STR
+ bufferStart = buffer = ALLOCA_N(char, bufferSize ? bufferSize : 1);
+# else
 bufferStart = buffer = ALLOCA_N(char, bufferSize);
+# endif
 }
 while (pe < stringEnd) {
diff --git a/test/json/json_parser_test.rb b/test/json/json_parser_test.rb
index dce693e548..00b254fc6a 100644
--- a/test/json/json_parser_test.rb
+++ b/test/json/json_parser_test.rb
@@ -84,6 +84,7 @@ class JSONParserTest < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/json/json_parser_test.rb#L84
 assert_equal({ "a" => 23 }, parse(' { "a" : 23 } '))
 assert_equal({ "a" => 0.23 }, parse(' { "a" : 0.23 } '))
 assert_equal({ "a" => 0.23 }, parse(' { "a" : 0.23 } '))
+ assert_equal({ "" => 123 }, parse('{"":123}'))
 end
 def test_parse_numbers
-- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/