github-code/cJSON
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Limit nesting depth to 1000 and make it configurable.

Browse Source
This commit is contained in:
Max Bruckner
2017-04-27 01:48:40 +02:00
parent 5aa152fa83
commit e0d3a8a265
12 changed files with 54 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/misc_tests.c
View File

@@ -183,6 +183,20 @@ static void typecheck_functions_should_check_type(void)
TEST_ASSERT_TRUE(cJSON_IsRaw(item));
}
static void cjson_should_not_parse_to_deeply_nested_jsons(void)
{
char deep_json[CJSON_NESTING_LIMIT + 1];
size_t position = 0;
for (position = 0; position < sizeof(deep_json); position++)
{
deep_json[position] = '[';
}
deep_json[sizeof(deep_json) - 1] = '\0';
TEST_ASSERT_NULL_MESSAGE(cJSON_Parse(deep_json), "To deep JSONs should not be parsed.");
}
int main(void)
{
UNITY_BEGIN();
@@ -192,6 +206,7 @@ int main(void)
RUN_TEST(cjson_get_object_item_should_get_object_items);
RUN_TEST(cjson_get_object_item_case_sensitive_should_get_object_items);
RUN_TEST(typecheck_functions_should_check_type);
RUN_TEST(cjson_should_not_parse_to_deeply_nested_jsons);
return UNITY_END();
}

6
tests/parse_array.c
View File

@@ -44,10 +44,9 @@ static void assert_is_array(cJSON *array_item)
static void assert_not_array(const char *json)
{
parse_buffer buffer;
parse_buffer buffer = { 0, 0, 0, 0 };
buffer.content = (const unsigned char*)json;
buffer.length = strlen(json) + sizeof("");
buffer.offset = 0;
TEST_ASSERT_FALSE(parse_array(item, &buffer, &global_hooks));
assert_is_invalid(item);
@@ -55,10 +54,9 @@ static void assert_not_array(const char *json)
static void assert_parse_array(const char *json)
{
parse_buffer buffer;
parse_buffer buffer = { 0, 0, 0, 0 };
buffer.content = (const unsigned char*)json;
buffer.length = strlen(json) + sizeof("");
buffer.offset = 0;
TEST_ASSERT_TRUE(parse_array(item, &buffer, &global_hooks));
assert_is_array(item);

3
tests/parse_number.c
View File

@@ -45,10 +45,9 @@ static void assert_is_number(cJSON *number_item)
static void assert_parse_number(const char *string, int integer, double real)
{
parse_buffer buffer;
parse_buffer buffer = { 0, 0, 0, 0 };
buffer.content = (const unsigned char*)string;
buffer.length = strlen(string) + sizeof("");
buffer.offset = 0;
TEST_ASSERT_TRUE(parse_number(item, &buffer));
assert_is_number(item);

6
tests/parse_object.c
View File

@@ -52,10 +52,9 @@ static void assert_is_child(cJSON *child_item, const char *name, int type)
static void assert_not_object(const char *json)
{
parse_buffer parsebuffer;
parse_buffer parsebuffer = { 0, 0, 0, 0 };
parsebuffer.content = (const unsigned char*)json;
parsebuffer.length = strlen(json) + sizeof("");
parsebuffer.offset = 0;
TEST_ASSERT_FALSE(parse_object(item, &parsebuffer, &global_hooks));
assert_is_invalid(item);
@@ -64,10 +63,9 @@ static void assert_not_object(const char *json)
static void assert_parse_object(const char *json)
{
parse_buffer parsebuffer;
parse_buffer parsebuffer = { 0, 0, 0, 0 };
parsebuffer.content = (const unsigned char*)json;
parsebuffer.length = strlen(json) + sizeof("");
parsebuffer.offset = 0;
TEST_ASSERT_TRUE(parse_object(item, &parsebuffer, &global_hooks));
assert_is_object(item);

6
tests/parse_string.c
View File

@@ -45,10 +45,9 @@ static void assert_is_string(cJSON *string_item)
static void assert_parse_string(const char *string, const char *expected)
{
parse_buffer buffer;
parse_buffer buffer = { 0, 0, 0, 0 };
buffer.content = (const unsigned char*)string;
buffer.length = strlen(string) + sizeof("");
buffer.offset = 0;
TEST_ASSERT_TRUE_MESSAGE(parse_string(item, &buffer, &global_hooks), "Couldn't parse string.");
assert_is_string(item);
@@ -59,10 +58,9 @@ static void assert_parse_string(const char *string, const char *expected)
static void assert_not_parse_string(const char * const string)
{
parse_buffer buffer;
parse_buffer buffer = { 0, 0, 0, 0 };
buffer.content = (const unsigned char*)string;
buffer.length = strlen(string) + sizeof("");
buffer.offset = 0;
TEST_ASSERT_FALSE_MESSAGE(parse_string(item, &buffer, &global_hooks), "Malformed string should not be accepted.");
assert_is_invalid(item);

3
tests/parse_value.c
View File

@@ -43,10 +43,9 @@ static void assert_is_value(cJSON *value_item, int type)
static void assert_parse_value(const char *string, int type)
{
parse_buffer buffer;
parse_buffer buffer = { 0, 0, 0, 0 };
buffer.content = (const unsigned char*) string;
buffer.length = strlen(string) + sizeof("");
buffer.offset = 0;
TEST_ASSERT_TRUE(parse_value(item, &buffer, &global_hooks));
assert_is_value(item, type);
}

3
tests/print_array.c
View File

@@ -34,10 +34,9 @@ static void assert_print_array(const char * const expected, const char * const i
printbuffer formatted_buffer;
printbuffer unformatted_buffer;
parse_buffer parsebuffer;
parse_buffer parsebuffer = { 0, 0, 0, 0 };
parsebuffer.content = (const unsigned char*)input;
parsebuffer.length = strlen(input) + sizeof("");
parsebuffer.offset = 0;
/* buffer for formatted printing */
formatted_buffer.buffer = printed_formatted;

3
tests/print_object.c
View File

@@ -33,12 +33,11 @@ static void assert_print_object(const char * const expected, const char * const
printbuffer formatted_buffer;
printbuffer unformatted_buffer;
parse_buffer parsebuffer;
parse_buffer parsebuffer = { 0, 0, 0, 0 };
/* buffer for parsing */
parsebuffer.content = (const unsigned char*)input;
parsebuffer.length = strlen(input) + sizeof("");
parsebuffer.offset = 0;
/* buffer for formatted printing */
formatted_buffer.buffer = printed_formatted;

3
tests/print_value.c
View File

@@ -33,7 +33,7 @@ static void assert_print_value(const char *input)
unsigned char printed[1024];
cJSON item[1];
printbuffer buffer;
parse_buffer parsebuffer;
parse_buffer parsebuffer = { 0, 0, 0, 0 };
buffer.buffer = printed;
buffer.length = sizeof(printed);
buffer.offset = 0;
@@ -41,7 +41,6 @@ static void assert_print_value(const char *input)
parsebuffer.content = (const unsigned char*)input;
parsebuffer.length = strlen(input) + sizeof("");
parsebuffer.offset = 0;
memset(item, 0, sizeof(item));