The behavior of the json_object_array_put_idx() is that, if a user wants to
insert an element inside a JSON array, the element will be replaced.
For some cases, a user would want to insert an element into the JSON array
and shift the elements to the right.
For indexes that are outside the length of the current array this behaves
like json_object_array_put_idx().
If a user wants to enforce that the JSON array is not expanded, then the
json_object_array_length() function can be used to guard against that.
The main driver for this change is JSON patch, where the 'add' operation in
an array means inserting a value at a certain index and shifting everything
by one.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This option enable color in json_object_to_json_string_ext.
I've try to made something similar to jq output,
but I've color true/false and null in purple,
as it's what is common color scheme used in programing language in emacs.
also add a '-c' option into json_parser to test it.
note: that I could have done a color() function similar to
what is done with indent(), but as the code is pretty small
I've keep it as it. so if you want me to use a subfunction
tell me and I'll do it.
Signed-off-by: Matthias Gatto <matthias.gatto@protonmail.com>
When a json string object is updated with a bigger string, a new
malloc'ed buffer is used to store the new string and it's size is made
negative to indicate that an external buffer is in use.
When that same json string object get's updated again with an empty
stirng (size = 0), the new external malloc'ed buffer is still used.
But the fact that the new size value is not negative removes the
indicator that the externally malloc'ed buffer is used.
This becomes a problem when the object get's updated again with any
other string, because a new buffer will be malloced and linked to the
object while to old one won't be free'd.
This causes a memory leak when updating a json string with
json_object_set_stirng() which has previously been updated
with an empty string.
Example:
--
obj = json_object_new_string("data");
json_object_set_string(obj, "more data");
json_object_set_string(obj, "");
json_object_set_string(obj, "other data"); /* leaks */
--
This commit fixes the issue by free'ing the external buffer when an
empty string is set and use the internal one again.
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
If memory allocation fails in json_c_set_serialization_double_format or
json_object_copy_serializer_data then return with an error value and
preserve previous values without overriding them with NULL.
This makes Coverity Scan happier since it believes that the initial
check ``if (!src->_userdata && !src->_user_delete)`` could mean that
src->_user_data may be nullptr.
Current behaviour is perfectly valid, since wrap-over upon overflow is
well defined behaviour for unsigned types, but it is nevertheless nice to be
able to build with -fsanitize=undefined,unsigned-integer-overflow
There is no significant effect on the generated assembly as can be seen
on the diff of objdump -d output on a optimized build (the compiler
just decided to switch the order of a comparison):
@@ -135,8 +135,8 @@
1d0: 0f 84 70 ff ff ff je 146 <json_escape_str+0x146>
1d6: 4c 3b 24 24 cmp (%rsp),%r12
1da: 0f 85 2d ff ff ff jne 10d <json_escape_str+0x10d>
- 1e0: 49 39 f4 cmp %rsi,%r12
- 1e3: 0f 87 b7 00 00 00 ja 2a0 <json_escape_str+0x2a0>
+ 1e0: 4c 39 e6 cmp %r12,%rsi
+ 1e3: 0f 82 b7 00 00 00 jb 2a0 <json_escape_str+0x2a0>
1e9: 48 8b 44 24 18 mov 0x18(%rsp),%rax
1ee: 64 48 33 04 25 28 00 xor %fs:0x28,%rax
1f5: 00 00
This change introduces JSON_C_OBJECT_ADD_CONSTANT_KEY
as a replacement of JSON_C_OBJECT_KEY_IS_CONSTANT.
The description of json_object_object_add_ex tells to
look at the flags JSON_C_OBJECT_ADD_* but it is not
for JSON_C_OBJECT_KEY_IS_CONSTANT.
From the point of vue of a developper using json-c,
the function json_object_object_add_ex is mainly used,
not the hash facility, it seems more natural to provide
a regular naming of prefix JSON_C_OBJECT_ADD_CONSTANT_KEY.
Several issues occur if a string is longer than INT_MAX:
- The function json_object_get_string_len returns the length of a string
as int. If the string is longer than INT_MAX, the result would be
negative.
- That in turn would lead to possible out of boundary access when
comparing these strings with memcmp and the returned length as done in
json_object_equal.
- If json_escape_str is called with such strings, out of boundary
accesses can occur due to internal int handling (also fixed).
- The string cannot be printed out due to printbuffer limits at
INT_MAX (which is still true after this commit).
Such huge strings can only be inserted through API calls at this point
because input files are capped at INT_MAX anyway.
Due to huge amount of RAM needed to reproduce these issues I have not
added test cases.
This causes previously failing strings like "123-456" to return a valid json_object with the appropriate value. If you care about the trailing content, call json_tokener_parse_ex() and check the parse end point with json_tokener_get_parse_end().
Remove all of the temporary defines, structures, old compat fuctions, extra fields, etc... that were needed during the conversion to a split set of json_object_* structures.
The default is now that string data is stored inline at the end of json_object, though to allow for json_object_set_string() to set a _longer_ string, we still need to allow for the possibility of a separate char * pointer.
All json types have been split out now, next step it cleanup.
The current changes split out _only_ json_type_object, and thus have a number of hacks
to allow the code to continue to build and work.
Originally mentioned in issue #535.
When complete, this will probably invalidate #552.
This is likely to cause notable conflicts in any other significant un-merged
changes, such as PR#620.
A custom double formatter can lead to truncation of the rest of the
JSON document.
If a custom formatter completely fills the buffer used by snprintf
with a trailing dot or comma and the formatting option
JSON_C_TO_STRING_NOZERO has been specified, then an iterator moves
past the ending '\0' (off-by-one buffer overflow) to set an
additional '\0' and adds the first '\0' into the printbuf.
Since '\0' will eventually be considered the terminating character
of the complete printbuf result, all trailing characters are lost.
This leads to an incomplete JSON string as can be seen with the
test case.
The off-by-one can be noticed if compiled with address sanitizer.
Since this is a very special case and a malformed formatter could
do way more harm and is the responsibility of the user of this
library, this is just a protective measure to keep json-c code as
robust as possible.
