#define _GNU_SOURCE
#include <ctype.h>
#include <errno.h>
+#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
#include <assert.h>
+#include <stdint.h>
#include <jansson.h>
#include "jansson_private.h"
c = stream->buffer[0];
- if(c < 0 && c != EOF)
+ if((unsigned char)c >= 0x80 && c != (char)EOF)
{
/* multi-byte UTF-8 sequence */
int i, count;
for(i = 1; i < count; i++)
stream->buffer[i] = stream->get(stream->data);
- if(!utf8_check_full(stream->buffer, count))
+ if(!utf8_check_full(stream->buffer, count, NULL))
goto out;
stream->stream_pos += count;
}
/* assumes that str points to 'u' plus at least 4 valid hex digits */
-static int decode_unicode_escape(const char *str)
+static int32_t decode_unicode_escape(const char *str)
{
int i;
- int value = 0;
+ int32_t value = 0;
assert(str[0] == 'u');
c = lex_get_save(lex, error);
while(c != '"') {
- if(c == EOF) {
+ if(c == (char)EOF) {
lex_unget_unsave(lex, c);
if(lex_eof(lex))
error_set(error, lex, "premature end of input");
goto out;
}
- else if(0 <= c && c <= 0x1F) {
+ else if((unsigned char)c <= 0x1F) {
/* control character */
lex_unget_unsave(lex, c);
if(c == '\n')
if(*p == 'u') {
char buffer[4];
int length;
- int value;
+ int32_t value;
value = decode_unicode_escape(p);
p += 5;
if(0xD800 <= value && value <= 0xDBFF) {
/* surrogate pair */
if(*p == '\\' && *(p + 1) == 'u') {
- int value2 = decode_unicode_escape(++p);
+ int32_t value2 = decode_unicode_escape(++p);
p += 5;
if(0xDC00 <= value2 && value2 <= 0xDFFF) {
/* valid second surrogate */
- value = ((value - 0xD800) << 10) +
- (value2 - 0xDC00) +
- 0x10000;
+ value =
+ ((value - 0xD800) << 10) +
+ (value2 - 0xDC00) +
+ 0x10000;
}
else {
/* invalid second surrogate */
free(lex->value.string);
}
-static void lex_scan_number(lex_t *lex, char c, json_error_t *error)
+static int lex_scan_number(lex_t *lex, char c, json_error_t *error)
{
const char *saved_text;
char *end;
+ double value;
lex->token = TOKEN_INVALID;
goto out;
}
}
- else /* c != '0' */ {
+ else if(isdigit(c)) {
c = lex_get_save(lex, error);
while(isdigit(c))
c = lex_get_save(lex, error);
}
+ else {
+ lex_unget_unsave(lex, c);
+ goto out;
+ }
if(c != '.' && c != 'E' && c != 'e') {
+ long value;
+
lex_unget_unsave(lex, c);
- lex->token = TOKEN_INTEGER;
saved_text = strbuffer_value(&lex->saved_text);
- lex->value.integer = strtol(saved_text, &end, 10);
+ value = strtol(saved_text, &end, 10);
assert(end == saved_text + lex->saved_text.length);
- return;
+ if((value == LONG_MAX && errno == ERANGE) || value > INT_MAX) {
+ error_set(error, lex, "too big integer");
+ goto out;
+ }
+ else if((value == LONG_MIN && errno == ERANGE) || value < INT_MIN) {
+ error_set(error, lex, "too big negative integer");
+ goto out;
+ }
+
+ lex->token = TOKEN_INTEGER;
+ lex->value.integer = (int)value;
+ return 0;
}
if(c == '.') {
}
lex_unget_unsave(lex, c);
- lex->token = TOKEN_REAL;
saved_text = strbuffer_value(&lex->saved_text);
- lex->value.real = strtod(saved_text, &end);
+ value = strtod(saved_text, &end);
assert(end == saved_text + lex->saved_text.length);
+ if(value == 0 && errno == ERANGE) {
+ error_set(error, lex, "real number underflow");
+ goto out;
+ }
+
+ /* Cannot test for +/-HUGE_VAL because the HUGE_VAL constant is
+ only defined in C99 mode. So let's trust in sole errno. */
+ else if(errno == ERANGE) {
+ error_set(error, lex, "real number overflow");
+ goto out;
+ }
+
+ lex->token = TOKEN_REAL;
+ lex->value.real = value;
+ return 0;
+
out:
- return;
+ return -1;
}
static int lex_scan(lex_t *lex, json_error_t *error)
strbuffer_clear(&lex->saved_text);
if(lex->token == TOKEN_STRING) {
- free(lex->value.string);
- lex->value.string = NULL;
+ free(lex->value.string);
+ lex->value.string = NULL;
}
c = lex_get(lex, error);
c = lex_get(lex, error);
}
- if(c == EOF) {
+ if(c == (char)EOF) {
if(lex_eof(lex))
lex->token = TOKEN_EOF;
else
else if(c == '"')
lex_scan_string(lex, error);
- else if(isdigit(c) || c == '-')
- lex_scan_number(lex, c, error);
+ else if(isdigit(c) || c == '-') {
+ if(lex_scan_number(lex, c, error))
+ goto out;
+ }
else if(isupper(c) || islower(c)) {
/* eat up the whole identifier for clearer error messages */
break;
case '{':
- json = parse_object(lex, error);
+ json = parse_object(lex, error);
break;
case '[':
return json;
}
-json_t *parse_json(lex_t *lex, json_error_t *error)
+static json_t *parse_json(lex_t *lex, json_error_t *error)
{
error_init(error);
json_t *result;
FILE *fp;
+ error_init(error);
+
fp = fopen(path, "r");
if(!fp)
{