esnme / ujson4c Goto Github PK

View Code? Open in Web Editor NEW

153.0 153.0 21.0 356 KB

License: Other

C 100.00%

ujson4c's People

Contributors

Stargazers

Watchers

Forkers

mikeathene aeppert pawelmarc kleopatra999 leonardoce chunkified commshare crazy-william inviz savent404 skyformat99 elastic quire7 hansirchen moneytech kozhuhar spencerx

ujson4c's Issues

BUG: no memory allocation check

In case of a NULL hf parameter, UJDecode will allocate an initial heap (initialHeap) and start deref'ing it with no check of allocation result.

BUG: UJObjectUnpack doesn't respect output objects sequence

The function tries to match decoded JSON objects to the given keys received as arguments and store the corresponding objects back into the out parameters.
The bug stems from the fact that walking the list of va arguments is synchronised with the iteration over the members of the decoded object, not the keys. Since the order of the members into a JSON object can vary, the allocation to the output references can be wrong.

Also, the usage of va_arg in the function receives the wrong type paramter: UJObject instead of UJObject *, though this has little consequence, since both are pointers.

This is likely the cause of #7.

Below is a proposed patch to fix the issue (as well the local mixing of tabs and WSes).

index 4b5a62d..161d909 100644
--- a/src/ujdecode.c
+++ b/src/ujdecode.c
@@ -686,10 +686,10 @@ int UJObjectUnpack(UJObject objObj, int keys, const char *format, const wchar_t
 	int ki;
 	int ks = 0;
 	const wchar_t *keyNames[64];
-  va_list args;
-  UJObject *outValue;
+	UJObject *outValues[64];
+	va_list args;
+	UJObject *outValue;
 
-  va_start(args, _keyNames);
 
   if (!UJIsObject(objObj))
 	{
@@ -703,10 +703,14 @@ int UJObjectUnpack(UJObject objObj, int keys, const char *format, const wchar_t
 		return -1;
 	}
 
+	va_start(args, _keyNames);
 	for (ki = 0; ki < keys; ki ++)
 	{
 		keyNames[ki] = _keyNames[ki];
+		outValue = va_arg(args, UJObject *);
+		outValues[ki] = outValue;
 	}
+	va_end(args);
 	
 	while (UJIterObject(&iter, &key, &value))
 	{
@@ -731,12 +735,10 @@ int UJObjectUnpack(UJObject objObj, int keys, const char *format, const wchar_t
 
 			found ++;
 
-      outValue = va_arg(args, UJObject);
-
-      if (outValue != NULL)
-      {
-  			*outValue = value;
-      }
+			if (outValues[ki]) 
+			{
+				*outValues[ki] = value;
+			}
 			keyNames[ki] = NULL;
 
 			if (ki == ks)
@@ -746,7 +748,6 @@ int UJObjectUnpack(UJObject objObj, int keys, const char *format, const wchar_t
 		}
 	}
 
-  va_end(args);
 
 	return found;
 }

Typo/Bug int UJIsInteger(UJObject *obj);

*int UJIsInteger(UJObject obj);

This check function is requesting pointer to a UJObject which is different from all the other check functions. Should be UJObject as the internal code also does not handle pointer to a UJObject

Conformance report for reference

https://github.com/miloyip/nativejson-benchmark/blob/master/sample/conformance_ujson4c%20(C).md

BUG: parsed string length not correctly considered

The library does not correctly consider the length when parsing the input string. If the string is not a NTS, the library will read past the indicated limit.

If the library is passed a correctly formatted JSON and the character next to the indicated end is a non-white space character, the parsing will succeed. But:

if the JSON is incorrect, the parsing can crash;
if the end+1 character is a white string, the parsing will incorrectly fail (for a correct JSON string).

dump as well as load functionality

ujson4c is great, I'm using it in a julia package uJSON.jl.

Is there any chance of adding "dump" functionality here as well as "load" so I don't have to route about in ujson package?

Object unpack may value to wrong output.

If one of the keys parsed by UJObjectUnpack() could is not found, the order which the found keys are stored in output objects is wrong. For instance, following code:

#include <stdio.h>
#include "ujdecode.h"

int main() {
	UJObject obj;
	void *state;
	const char input[] = "{\"a\": {}, \"b\": 200 }";
	size_t cbInput = sizeof(input) - 1;

	const wchar_t *keys[] = { L"a", L"b"};
	UJObject a, b;

	obj = UJDecode(input, cbInput, NULL, &state);

	int ret = UJObjectUnpack(obj, 2, "NN", keys, &a, &b);
	printf("Return value: %d, a = %g, b = %g\n", ret, UJNumericFloat(a), UJNumericFloat(b));

	UJFree(state);
}

will output:

Return value: 1, a = 200, b = 0

No easy way to find out if value was succesfully unpacked.

Related to issue #7, if some values fail to be found or unpacked from an object, there is no easy way to know if object was found or not. There is no UJIsValid() or equivalent call.

Crash on malformed json input.

Following code is enough to crash the program, in function UJObjectUnpack():

#include <stdio.h>
#include "ujdecode.h"

int main() {
	UJObject obj;
	void *state;
	const char input[] = "{\"a\": {}, \"b\": 200 } }";
	size_t cbInput = sizeof(input) - 1;

	const wchar_t *keys[] = { L"a", L"b"};
	UJObject a, b;

	obj = UJDecode(input, cbInput, NULL, &state);

	UJObjectUnpack(obj, 2, "ON", keys, &a, &b);

	UJFree(state);
}

esnme / ujson4c Goto Github PK

ujson4c's People

Contributors

Stargazers

Watchers

Forkers

ujson4c's Issues

BUG: no memory allocation check

BUG: UJObjectUnpack doesn't respect output objects sequence

Typo/Bug int UJIsInteger(UJObject *obj);

Conformance report for reference

BUG: parsed string length not correctly considered

dump as well as load functionality

Object unpack may value to wrong output.

No easy way to find out if value was succesfully unpacked.

Crash on malformed json input.

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs