NotificationsYou must be signed in to change notification settings
Fork5
Star26

Commit29dcf7d

committed

Properly detect invalid JSON numbers when generating JSON.

Instead of looking for characters that aren't valid in JSON numbers, wesimply pass the output string through the JSON number parser, and if itfails the string is quoted. This means among other things that money anddomains over money will be quoted correctly and generate valid JSON.Fixes bug #8676 reported by Anderson Cristian da Silva.Backpatched to 9.2 where JSON generation was introduced.

1 parenta133bf7 commit29dcf7dCopy full SHA for 29dcf7d

File tree

1 file changed

+23

-15

lines changed

src/backend/utils/adt
- json.c

1 file changed

+23

-15

lines changed

`‎src/backend/utils/adt/json.c`

Lines changed: 23 additions & 15 deletions

Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,7 @@ typedef enum/* contexts of JSON parser */`
`50`	`50`
`51`	`51`	`staticinlinevoidjson_lex(JsonLexContext*lex);`
`52`	`52`	`staticinlinevoidjson_lex_string(JsonLexContext*lex);`
`53`		`-staticinlinevoidjson_lex_number(JsonLexContextlex,chars);`
	`53`	`+staticinlinevoidjson_lex_number(JsonLexContextlex,chars,bool*num_err);`
`54`	`54`	`staticinlinevoidparse_scalar(JsonLexContextlex,JsonSemActionsem);`
`55`	`55`	`staticvoidparse_object_field(JsonLexContextlex,JsonSemActionsem);`
`56`	`56`	`staticvoidparse_object(JsonLexContextlex,JsonSemActionsem);`
`@@ -147,8 +147,6 @@ lex_expect(JsonParseContext ctx, JsonLexContext *lex, JsonTokenType token)`
`147`	`147`	`#defineTYPCATEGORY_JSON 'j'`
`148`	`148`	`/* fake category for types that have a cast to json */`
`149`	`149`	`#defineTYPCATEGORY_JSON_CAST 'c'`
`150`		`-/* letters appearing in numeric output that aren't valid in a JSON number */`
`151`		`-#defineNON_NUMERIC_LETTER "NnAaIiFfTtYy"`
`152`	`150`	`/* chars to consider as part of an alphanumeric token */`
`153`	`151`	`#defineJSON_ALPHANUMERIC_CHAR(c) \`
`154`	`152`	`(((c) >= 'a' && (c) <= 'z') \|\| \`
`@@ -567,7 +565,7 @@ json_lex(JsonLexContext *lex)`
`567`	`565`	`break;`
`568`	`566`	`case'-':`
`569`	`567`	`/* Negative number. */`
`570`		`-json_lex_number(lex,s+1);`
	`568`	`+json_lex_number(lex,s+1,NULL);`
`571`	`569`	`lex->token_type=JSON_TOKEN_NUMBER;`
`572`	`570`	`break;`
`573`	`571`	`case'0':`
`@@ -581,7 +579,7 @@ json_lex(JsonLexContext *lex)`
`581`	`579`	`case'8':`
`582`	`580`	`case'9':`
`583`	`581`	`/* Positive number. */`
`584`		`-json_lex_number(lex,s);`
	`582`	`+json_lex_number(lex,s,NULL);`
`585`	`583`	`lex->token_type=JSON_TOKEN_NUMBER;`
`586`	`584`	`break;`
`587`	`585`	`default:`
`@@ -903,7 +901,7 @@ json_lex_string(JsonLexContext *lex)`
`903`	`901`	`*-------------------------------------------------------------------------`
`904`	`902`	`*/`
`905`	`903`	`staticinlinevoid`
`906`		`-json_lex_number(JsonLexContextlex,chars)`
	`904`	`+json_lex_number(JsonLexContextlex,chars,bool*num_err)`
`907`	`905`	`{`
`908`	`906`	`boolerror= false;`
`909`	`907`	`char*p;`
`@@ -976,10 +974,19 @@ json_lex_number(JsonLexContext lex, char s)`
`976`	`974`	`*/`
`977`	`975`	`for (p=s;len<lex->input_length&&JSON_ALPHANUMERIC_CHAR(*p);p++,len++)`
`978`	`976`	`error= true;`
`979`		`-lex->prev_token_terminator=lex->token_terminator;`
`980`		`-lex->token_terminator=p;`
`981`		`-if (error)`
`982`		`-report_invalid_token(lex);`
	`977`	`+`
	`978`	`+if (num_err!=NULL)`
	`979`	`+{`
	`980`	`+/* let the caller handle the error */`
	`981`	`+*num_err=error;`
	`982`	`+}`
	`983`	`+else`
	`984`	`+{`
	`985`	`+lex->prev_token_terminator=lex->token_terminator;`
	`986`	`+lex->token_terminator=p;`
	`987`	`+if (error)`
	`988`	`+report_invalid_token(lex);`
	`989`	`+}`
`983`	`990`	`}`
`984`	`991`
`985`	`992`	`/*`
`@@ -1214,6 +1221,8 @@ datum_to_json(Datum val, bool is_null, StringInfo result,`
`1214`	`1221`	`{`
`1215`	`1222`	`char*outputstr;`
`1216`	`1223`	`text*jsontext;`
	`1224`	`+boolnumeric_error;`
	`1225`	`+JsonLexContextdummy_lex;`
`1217`	`1226`
`1218`	`1227`	`if (is_null)`
`1219`	`1228`	`{`
`@@ -1237,14 +1246,13 @@ datum_to_json(Datum val, bool is_null, StringInfo result,`
`1237`	`1246`	`break;`
`1238`	`1247`	`caseTYPCATEGORY_NUMERIC:`
`1239`	`1248`	`outputstr=OidOutputFunctionCall(typoutputfunc,val);`
`1240`		`-`
`1241`	`1249`	`/*`
`1242`	`1250`	`* Don't call escape_json here if it's a valid JSON number.`
`1243`		`- * Numeric output should usually be a valid JSON number and JSON`
`1244`		`- * numbers shouldn't be quoted. Quote cases like "Nan" and`
`1245`		`- * "Infinity", however.`
`1246`	`1251`	`*/`
`1247`		`-if (strpbrk(outputstr,NON_NUMERIC_LETTER)==NULL)`
	`1252`	`+dummy_lex.input=*outputstr=='-' ?outputstr+1 :outputstr;`
	`1253`	`+dummy_lex.input_length=strlen(dummy_lex.input);`
	`1254`	`+json_lex_number(&dummy_lex,dummy_lex.input,&numeric_error);`
	`1255`	`+if (!numeric_error)`
`1248`	`1256`	`appendStringInfoString(result,outputstr);`
`1249`	`1257`	`else`
`1250`	`1258`	`escape_json(result,outputstr);`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit29dcf7d

File tree

1 file changed

1 file changed

`‎src/backend/utils/adt/json.c`

0 commit comments