--- parser3/src/classes/json.C 2015/03/17 07:28:43 1.34 +++ parser3/src/classes/json.C 2023/10/01 15:14:44 1.58 @@ -1,7 +1,8 @@ /** @file Parser: @b json parser class. - Copyright (c) 2000-2012 Art. Lebedev Studio (http://www.artlebedev.com) + Copyright (c) 2000-2023 Art. Lebedev Studio (http://www.artlebedev.com) + Authors: Konstantin Morshnev */ #include "classes.h" @@ -18,7 +19,7 @@ #include "pa_vxdoc.h" #endif -volatile const char * IDENT_JSON_C="$Id: json.C,v 1.34 2015/03/17 07:28:43 misha Exp $"; +volatile const char * IDENT_JSON_C="$Id: json.C,v 1.58 2023/10/01 15:14:44 moko Exp $"; // class @@ -29,10 +30,10 @@ public: // global variable -DECLARE_CLASS_VAR(json, new MJson, 0); +DECLARE_CLASS_VAR(json, new MJson); // methods -struct Json { +struct Json : public PA_Allocated { Stack stack; Stack key_stack; @@ -66,7 +67,7 @@ struct Json { static void set_json_value(Json *json, Value *value){ VHash *top = json->stack.top_value(); if(json->key == NULL){ - top->hash().put(String(format(top->get_hash()->count(), 0)), value); + top->hash().put(format(top->get_hash()->count(), 0), value); } else { switch (json->distinct){ case Json::D_EXCEPTION: 
@@ -95,19 +96,18 @@ static void set_json_value(Json *json, V String* json_string(Json *json, const char *value, uint32_t length){ String::C result = json->charset !=NULL ? - Charset::transcode(String::C(value, length), UTF8_charset, *json->charset) : + Charset::transcode(String::C(value, length), pa_UTF8_charset, *json->charset) : String::C(pa_strdup(value, length), length); - return new String(result.str, json->taint, result.length); + return new String(result, json->taint); } static Value *json_hook(Request &r, Junction *hook, String* key, Value* value){ - VMethodFrame frame(*hook->method, r.method_frame, hook->self); Value *params[]={new VString(key ? *key : String::Empty), value}; - - frame.store_params(params, 2); - r.execute_method(frame); - - return &frame.result().as_value(); + METHOD_FRAME_ACTION(*hook->method, r.method_frame, hook->self, { + frame.store_params(params, 2); + r.call(frame); + return &frame.result(); + }); } static int json_callback(Json *json, int type, const char *value, uint32_t length) @@ -205,7 +205,7 @@ static const char* json_error_message(in "nesting limit", "data limit", "comment not allowed by config", - "unexpected char", + "unexpected character", "missing unicode low surrogate", "unexpected unicode low surrogate", "error comma out of structure", 
@@ -216,6 +216,67 @@ static const char* json_error_message(in extern String::Language get_untaint_lang(const String& lang_name); +#define SOURCE_MAX_LEN 60 + +void json_exception_with_source(Request& r, const char* msg, const char* json, int offset){ + int i; + + int line=0; + int start=0; + int end=strlen(json); + + if(offset>end) + offset=end; + + for(i = 0; i < offset; i++){ + if(json[i]=='\n'){ + line++; + } + } + + if(offset > SOURCE_MAX_LEN/2) + start = offset - SOURCE_MAX_LEN/2; + + for(i = offset-1; i>=start; i--){ + if(json[i]=='\n'){ + start=i+1; + break; + } + } + + if(start+SOURCE_MAX_LEN < end) + end=start+SOURCE_MAX_LEN; + + for(i = offset+1; i0){ + String s_source(pa_strdup(source,source_offset)); + source_offset=s_source.length(r.charsets.source()); + } + } + + throw Exception("json.parse", 0, "%s at line %d\n%s\n%*s", msg, line+1, source, source_offset+1, "^"); +} + static void _parse(Request& r, MethodParams& params) { const String& json_string=params.as_string(0, "json must be string"); @@ -236,15 +297,15 @@ static void _parse(Request& r, MethodPar if(HashStringValue* options=params.as_hash(1)) { int valid_options=0; if(Value* value=options->get("depth")) { - config.max_nesting=r.process_to_value(*value).as_int(); + config.max_nesting=r.process(*value).as_int(); valid_options++; } if(Value* value=options->get("double")) { - json.handle_double=r.process_to_value(*value).as_bool(); + json.handle_double=r.process(*value).as_bool(); valid_options++; } if(Value* value=options->get("int")) { - json.handle_int=r.process_to_value(*value).as_bool(); + json.handle_int=r.process(*value).as_bool(); valid_options++; } if(Value* value=options->get("distinct")) { 
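Review bot: In the added `json_exception_with_source`, `offset` and `end` are plain `int` and only the upper bound is clamped (`if(offset>end) offset=end;`), while the callers in `_parse` pass a `uint32_t` byte count and a pointer difference, so a value that narrows to a negative number is never normalised before the later loops derive positions in `json` from it. Adding `if(offset<0) offset=0;` next to the existing clamp and keeping the length in a `size_t` would bound the index arithmetic on both sides. The function also copies up to `SOURCE_MAX_LEN` bytes of the input into the exception text, so fragments of the parsed document reach wherever `json.parse` exceptions are logged or displayed; a short comment above the `throw` stating this would help. The middle of the function is not readable in this rendering, so the excerpt-building step itself could not be checked.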
@@ -260,14 +321,14 @@ static void _parse(Request& r, MethodPar if(Value* value=options->get("object")) { json.hook_object=value->get_junction(); json.request=&r; - if (!json.hook_object || !json.hook_object->method || !json.hook_object->method->params_names || !(json.hook_object->method->params_names->count() == 2)) + if (!json.hook_object || !json.hook_object->method || !json.hook_object->method->params_names || !(json.hook_object->method->params_count == 2)) throw Exception(PARSER_RUNTIME, 0, "$.object must be parser method with 2 parameters"); valid_options++; } if(Value* value=options->get("array")) { json.hook_array=value->get_junction(); json.request=&r; - if (!json.hook_array || !json.hook_array->method || !json.hook_array->method->params_names || !(json.hook_array->method->params_names->count() == 2)) + if (!json.hook_array || !json.hook_array->method || !json.hook_array->method->params_names || !(json.hook_array->method->params_count == 2)) throw Exception(PARSER_RUNTIME, 0, "$.array must be parser method with 2 parameters"); valid_options++; } 
@@ -276,22 +337,29 @@ static void _parse(Request& r, MethodPar } const String::Body json_body = json_string.cstr_to_string_body_untaint(String::L_JSON, r.connection(false), &r.charsets); - const char *json_cstr = json.charset != NULL ? Charset::transcode(json_body, *json.charset, UTF8_charset).cstr() : json_body.cstr(); + const char *json_cstr = json.charset != NULL ? Charset::transcode(json_body, *json.charset, pa_UTF8_charset).cstr() : json_body.cstr(); json_parser parser; if(int result = json_parser_init(&parser, &config, (json_parser_callback)&json_callback, &json)) throw Exception("json.parse", 0, "%s", json_error_message(result)); + if(!*json_cstr) + throw Exception("json.parse", 0, "empty string is not valid json"); + + const char *first_quote=strchr(json_cstr,'"'); + if(first_quote && first_quote>json_cstr && *(--first_quote) == '\\') + json_exception_with_source(r, "illegal quote escape, json may be tainted", json_cstr, first_quote-json_cstr); + uint32_t processed; if(int result = json_parser_string(&parser, json_cstr, strlen(json_cstr), &processed)) - throw Exception("json.parse", 0, "%s at byte %d", json_error_message(result), processed); + json_exception_with_source(r, json_error_message(result), json_cstr, processed); if (!json_parser_is_done(&parser)) - throw Exception("json.parse", 0, "unexpected end of json data"); - + json_exception_with_source(r, "unexpected end of json data", json_cstr, processed); + json_parser_free(&parser); - if (json.result) r.write_no_lang(*json.result); + if (json.result) r.write(*json.result); } const uint ANTI_ENDLESS_JSON_STRING_RECOURSION=128; @@ -299,7 +367,7 @@ const uint ANTI_ENDLESS_JSON_STRING_RECO char *get_indent(uint level){ static char* cache[ANTI_ENDLESS_JSON_STRING_RECOURSION]={}; if (!cache[level]){ - char *result = static_cast(pa_gc_malloc_atomic(level+1)); + char *result = static_cast(pa_malloc_atomic(level+1)); memset(result, '\t', level); result[level]='\0'; return cache[level]=result; 
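Review bot: The two new pre-checks in `_parse` (the empty-string test and the backslash-before-first-quote test) are placed after `json_parser_init` and both leave by throwing, so `json_parser_free(&parser)` is skipped on those paths, as it is on the two error paths that now go through `json_exception_with_source`. Both checks only read `json_cstr`, so they can move above the `json_parser_init` call unchanged; for the remaining throwing paths a small local guard whose destructor calls `json_parser_free` would cover every exit. Whether anything actually leaks depends on the allocator set up in `config`, which is outside this hunk. The quote test inspects only the first `"` in the text and is a heuristic rather than validation, which is worth stating in a comment such as `// heuristic only: a backslash right before the first quote suggests the text was escaped for another context`.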
@@ -307,6 +375,21 @@ char *get_indent(uint level){ return cache[level]; } +String *get_delim(uint level){ + static String* cache[ANTI_ENDLESS_JSON_STRING_RECOURSION]={}; + + if (!cache[level]){ + char *result = static_cast(pa_malloc_atomic(level+2+1+1)); + result[0]=','; + result[1]='\n'; + memset(result+2, '\t', level); + result[level+2]='"'; + result[level+3]='\0'; + return cache[level] = new String(result, String::L_AS_IS); + } + return cache[level]; +} + class Json_string_recoursion { Json_options& foptions; public: @@ -322,8 +405,8 @@ public: const String& value_json_string(String::Body key, Value& v, Json_options& options); -const String* Json_options::hash_json_string(HashStringValue &hash) { - if(!hash.count()) +const String* Json_options::hash_json_string(HashStringValue *hash) { + if(!hash || !hash->count()) return new String("{}", String::L_AS_IS); Json_string_recoursion go_down(*this); @@ -334,12 +417,12 @@ const String* Json_options::hash_json_st String *delim=NULL; indent=get_indent(json_string_recoursion); - for(HashStringValue::Iterator i(hash); i; i.next() ){ + for(HashStringValue::Iterator i(*hash); i; i.next() ){ if (delim){ result << *delim; } else { result << indent << "\""; - delim = new String(",\n", String::L_AS_IS); *delim << indent << "\""; + delim = get_delim(json_string_recoursion); } result << String(i.key(), String::L_JSON) << "\":" << value_json_string(i.key(), *i.value(), *this); } @@ -348,7 +431,7 @@ const String* Json_options::hash_json_st } else { bool need_delim=false; - for(HashStringValue::Iterator i(hash); i; i.next() ){ + for(HashStringValue::Iterator i(*hash); i; i.next() ){ result << (need_delim ? ",\n\"" : "\""); result << String(i.key(), String::L_JSON) << "\":" << value_json_string(i.key(), *i.value(), *this); need_delim=true; 
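Review bot: The new `get_delim` indexes `cache[level]` without checking that `level` is below `ANTI_ENDLESS_JSON_STRING_RECOURSION`, the same pattern as `get_indent`, so the array bound depends entirely on callers having limited the depth first. The `_string` context further down seeds the depth counter from `strlen(json.indent)`, a caller-supplied string, and the body of the `Json_string_recoursion` guard is not visible here, so enforcing the bound locally is the safer choice: `if(level >= ANTI_ENDLESS_JSON_STRING_RECOURSION) throw Exception(PARSER_RUNTIME, 0, "json nesting too deep");`. The returned `String` is now shared across calls instead of freshly built, so returning `const String*` (with `delim` in `hash_json_string` made `const` to match) would stop a later `*delim << ...` from silently changing the cached value.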
@@ -373,17 +456,16 @@ const String& value_json_string(String:: } if(method && !method->is_void()) { Junction* junction=method->get_junction(); - VMethodFrame frame(*junction->method, options.r->method_frame, junction->self); - HashStringValue* params_hash=options.params && options.indent ? options.params->get_hash() : NULL; Temp_hash_value indent(params_hash, "indent", new VString(*new String(options.indent, String::L_AS_IS))); Value *params[]={new VString(*new String(key, String::L_JSON)), &v, options.params ? options.params : VVoid::get()}; - frame.store_params(params, 3); - - options.r->execute_method(frame); - return frame.result().as_string(); + METHOD_FRAME_ACTION(*junction->method, options.r->method_frame, junction->self, { + frame.store_params(params, 3); + options.r->call(frame); + return frame.result().as_string(); + }); } } @@ -396,7 +478,7 @@ static void _string(Request& r, MethodPa if(params.count() == 2) if(HashStringValue* options=params.as_hash(1)) { - json.params=params.get(1); + json.params=¶ms[1]; HashStringValue* methods=new HashStringValue(); int valid_options=0; HashStringValue* vvalue; 
@@ -404,18 +486,21 @@ static void _string(Request& r, MethodPa String::Body key=i.key(); Value* value=i.value(); if(key == "skip-unknown"){ - json.skip_unknown=r.process_to_value(*value).as_bool(); + json.skip_unknown=r.process(*value).as_bool(); + valid_options++; + } else if(key == "one-line"){ + json.one_line=r.process(*value).as_bool(); valid_options++; } else if(key == "date" && value->is_string()){ const String& svalue=value->as_string(); if(!json.set_date_format(svalue)) - throw Exception(PARSER_RUNTIME, &svalue, "must be 'sql-string', 'gmt-string' or 'unix-timestamp'"); + throw Exception(PARSER_RUNTIME, &svalue, "must be 'sql-string', 'gmt-string', 'iso-string' or 'unix-timestamp'"); valid_options++; } else if(key == "indent"){ if(value->is_string()){ json.indent=value->as_string().cstr(); json.json_string_recoursion=strlen(json.indent); - } else json.indent=r.process_to_value(*value).as_bool() ? "" : NULL; + } else json.indent=r.process(*value).as_bool() ? "" : NULL; valid_options++; } else if(key == "table" && value->is_string()){ const String& svalue=value->as_string(); @@ -439,7 +524,7 @@ static void _string(Request& r, MethodPa valid_options++; #endif } else if(Junction* junction=value->get_junction()){ - if(!junction->method || !junction->method->params_names || junction->method->params_names->count() != 3) + if(!junction->method || !junction->method->params_names || junction->method->params_count != 3) throw Exception(PARSER_RUNTIME, 0, "$.%s must be parser method with 3 parameters", key.cstr()); methods->put(key, value); valid_options++; 
@@ -450,12 +535,12 @@ static void _string(Request& r, MethodPa throw Exception(PARSER_RUNTIME, 0, CALLED_WITH_INVALID_OPTION); // special handling for $._default - if(VHash* vhash=static_cast(params[1].as(VHASH_TYPE))) + if(VHashBase* vhash=static_cast(params[1].as(VHASH_TYPE))) if(Value* value=vhash->get_default()) { if(!value->is_string()){ - Junction* junction=value->get_junction(); - if(!junction || !junction->method || !junction->method->params_names || junction->method->params_names->count() != 3) - throw Exception(PARSER_RUNTIME, 0, "$.%s must be string or parser method with 3 parameters", HASH_DEFAULT_ELEMENT_NAME); + Junction* junction=value->get_junction(); + if(!junction || !junction->method || !junction->method->params_names || junction->method->params_count != 3) + throw Exception(PARSER_RUNTIME, 0, "$._default must be string or parser method with 3 parameters"); } json.default_method=value; } @@ -464,15 +549,22 @@ static void _string(Request& r, MethodPa json.methods=methods; } - const String& result_string=value_json_string(String::Body(), r.process_to_value(params[0]), json); + const String& result_string=value_json_string(String::Body(), r.process(params[0]), json); String::Body result_body=result_string.cstr_to_string_body_untaint(String::L_JSON, r.connection(false), &r.charsets); - r.write_pass_lang(*new String(result_body, String::L_AS_IS)); - } + if(json.one_line){ + char *result=result_body.cstrm(); + for(char *c=result;*c;c++) + if(*c=='\n') + *c=' '; + result_body=result; + } + r.write(*new String(result_body, String::L_AS_IS)); +} // constructor MJson::MJson(): Methoded("json") { add_native_method("parse", Method::CT_STATIC, _parse, 1, 2); - add_native_method("string", Method::CT_ANY, _string, 1, 2); + add_native_method("string", Method::CT_STATIC, _string, 1, 2); }
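Review bot: The `one-line` loop added to `_string` rewrites every `'\n'` byte in the finished output, which is only correct if newlines inside string values have already been escaped by the `String::L_JSON` untaint call just above it; the hunk does not state that dependency. Presumably that is the case, but a comment such as `// any raw '\n' left after L_JSON untaint is formatting, never data` would keep a later reordering of these two steps from corrupting values. The same hunk changes `string` from `Method::CT_ANY` to `Method::CT_STATIC`, which narrows how the method can be called and is worth a line in the commit description.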