--- parser3/src/classes/json.C 2015/07/22 18:29:09 1.35 +++ parser3/src/classes/json.C 2015/08/10 23:47:52 1.37 @@ -18,7 +18,7 @@ #include "pa_vxdoc.h" #endif -volatile const char * IDENT_JSON_C="$Id: json.C,v 1.35 2015/07/22 18:29:09 moko Exp $"; +volatile const char * IDENT_JSON_C="$Id: json.C,v 1.37 2015/08/10 23:47:52 moko Exp $"; // class @@ -343,6 +343,13 @@ static void _parse(Request& r, MethodPar if(int result = json_parser_init(&parser, &config, (json_parser_callback)&json_callback, &json)) throw Exception("json.parse", 0, "%s", json_error_message(result)); + if(!*json_cstr) + throw Exception("json.parse", 0, "empty string is not valid json"); + + const char *first_quote=strchr(json_cstr,'"'); + if(first_quote && first_quote>json_cstr && *(--first_quote) == '\\') + json_exception_with_source(r, "illegal quote escape, json may be tainted", json_cstr, first_quote-json_cstr); + uint32_t processed; if(int result = json_parser_string(&parser, json_cstr, strlen(json_cstr), &processed)) json_exception_with_source(r, json_error_message(result), json_cstr, processed); @@ -383,8 +390,8 @@ public: const String& value_json_string(String::Body key, Value& v, Json_options& options); -const String* Json_options::hash_json_string(HashStringValue &hash) { - if(!hash.count()) +const String* Json_options::hash_json_string(HashStringValue *hash) { + if(!hash || !hash->count()) return new String("{}", String::L_AS_IS); Json_string_recoursion go_down(*this); @@ -395,7 +402,7 @@ const String* Json_options::hash_json_st String *delim=NULL; indent=get_indent(json_string_recoursion); - for(HashStringValue::Iterator i(hash); i; i.next() ){ + for(HashStringValue::Iterator i(*hash); i; i.next() ){ if (delim){ result << *delim; } else { 
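Review bot: The escaped-quote test added to _parse inspects only the byte before the first `"` in json_cstr, so it is a diagnostic for one symptom and not a check that the input is free of tainted text; the code should say so. A comment such as `// heuristic: a backslash right before the first quote is not valid in standard JSON and probably comes from auto-escaped text; everything after it is left to the parser` would keep later readers from treating it as validation. The condition also mutates first_quote through `*(--first_quote)`; `first_quote[-1] == '\\'` with `first_quote-1-json_cstr` as the offset reads more plainly and reports the same position. Both new throws sit after json_parser_init although neither needs the parser, so they could move above the init call; whether that matters depends on how the parser is released, which is outside the hunk, as is the rest of _parse.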
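Review bot: hash_json_string now takes a pointer and turns a null `hash` into `{}`, but nothing at the definition states that null is an accepted input or that the output does not distinguish it from an empty hash. A one-line comment above the definition, e.g. `// hash may be NULL; a missing hash is serialised as "{}", same as an empty one`, would record the contract for callers. The `*hash` dereferences in the two iterator loops further down depend on this guard remaining the first statement of the function. The function body continues outside the hunk.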
@@ -409,7 +416,7 @@ const String* Json_options::hash_json_st } else { bool need_delim=false; - for(HashStringValue::Iterator i(hash); i; i.next() ){ + for(HashStringValue::Iterator i(*hash); i; i.next() ){ result << (need_delim ? ",\n\"" : "\""); result << String(i.key(), String::L_JSON) << "\":" << value_json_string(i.key(), *i.value(), *this); need_delim=true;