From: drh <> Date: Sat, 7 Oct 2023 19:40:20 +0000 (+0000) Subject: Improved detection of malformed JSONB when parsing it into a JsonNode array. X-Git-Tag: version-3.45.0~116^2~91 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3efb2c47918e47c391d04b49cbebe24b31c3464b;p=thirdparty%2Fsqlite.git Improved detection of malformed JSONB when parsing it into a JsonNode array. FossilOrigin-Name: ed99a788415e1f8375bd5ec004dd18b1cd0fae4aa94558170882ca487f6dff93 --- diff --git a/manifest b/manifest index 588048d8e9..3e86195bd3 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sthe\sjsonbChangePayloadSize()\sroutine\sso\sthat\sit\sshifts\sthe\spayload\sin\sorder\nto\salways\srender\sthe\smost\scompact\sencoding\sof\sthe\spayload\ssize.\s\sThis\sis\nnecessary\sas\ssometimes\s(as\sdiscovered\sby\sdbsqlfuzz)\sthe\spayload\ssize\scan\ngrow\ssignificantly\sdue\sto\sjson_insert()\sor\sjson_replace(). -D 2023-10-07T19:05:10.497 +C Improved\sdetection\sof\smalformed\sJSONB\swhen\sparsing\sit\sinto\sa\sJsonNode\sarray. +D 2023-10-07T19:40:20.950 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 
@@ -670,7 +670,7 @@ F src/hash.h 3340ab6e1d13e725571d7cee6d3e3135f0779a7d8e76a9ce0a85971fa3953c51 F src/hwtime.h f9c2dfb84dce7acf95ce6d289e46f5f9d3d1afd328e53da8f8e9008e3b3caae6 F src/in-operator.md 10cd8f4bcd225a32518407c2fb2484089112fd71 F src/insert.c 3f0a94082d978bbdd33c38fefea15346c6c6bffb70bc645a71dc0f1f87dd3276 -F src/json.c f526f060002c245769018dc5610bb64c981fb41b239b4d21781c47c6f6e83f1c +F src/json.c 98ef9894e38f07a5565160b297754937ff3ac2b800241f16a60c6168251d3aa3 F src/legacy.c d7874bc885906868cd51e6c2156698f2754f02d9eee1bae2d687323c3ca8e5aa F src/loadext.c 98cfba10989b3da6f1807ad42444017742db7f100a54f1032af7a8b1295912c0 F src/main.c 618aeb399e993cf561864f4b0cf6a331ee4f355cf663635f8d9da3193a46aa40 @@ -2124,8 +2124,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 2f3388f14c843f1c02926e8b929365c06c1f1f4ea6fe6316092c3799c14549d3 -R 9d37d6a70144b585d8728dd14898ad5e +P 8d6d04ca975ec55c419d40d8463c433b0db698c9fb4812ab9f16d4ee5bee460e +R 6b6b7362eeaf8bd29175dff0f94e9ac1 U drh -Z 1ec73fd9ef6d1fd16b94f82c874a9e54 +Z 3aae7be717232d09cf2cbfe5dd8cc288 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index 76641696e4..46067f0f9c 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -8d6d04ca975ec55c419d40d8463c433b0db698c9fb4812ab9f16d4ee5bee460e \ No newline at end of file +ed99a788415e1f8375bd5ec004dd18b1cd0fae4aa94558170882ca487f6dff93 \ No newline at end of file diff --git a/src/json.c b/src/json.c index 6f31214f55..1cfaaaf58a 100644 --- a/src/json.c +++ b/src/json.c 
@@ -3481,31 +3481,38 @@ static int jsonParseValueFromBlob(JsonParse *pParse, u32 i){
 zPayload = &pParse->zJson[i+x];
 switch( t ){
 case JSONB_NULL: {
+ if( sz>0 ) return -1;
 jsonParseAddNode(pParse, JSON_NULL, 0, 0);
 break;
 }
 case JSONB_TRUE: {
+ if( sz>0 ) return -1;
 jsonParseAddNode(pParse, JSON_TRUE, 0, 0);
 break;
 }
 case JSONB_FALSE: {
+ if( sz>0 ) return -1;
 jsonParseAddNode(pParse, JSON_FALSE, 0, 0);
 break;
 }
 case JSONB_INT: {
+ if( sz==0 ) return -1;
 jsonParseAddNode(pParse, JSON_INT, sz, zPayload);
 break;
 }
 case JSONB_INT5: {
+ if( sz==0 ) return -1;
 pParse->hasNonstd = 1;
 jsonParseAddNode(pParse, JSON_INT | (JNODE_JSON5<<8), sz, zPayload);
 break;
 }
 case JSONB_FLOAT: {
+ if( sz==0 ) return -1;
 jsonParseAddNode(pParse, JSON_REAL, sz, zPayload);
 break;
 }
 case JSONB_FLOAT5: {
+ if( sz==0 ) return -1;
 pParse->hasNonstd = 1;
 jsonParseAddNode(pParse, JSON_REAL | (JNODE_JSON5<<8), sz, zPayload);
 break;
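Review bot: The new `if( sz==0 ) return -1;` guards in the JSONB_INT, JSONB_INT5, JSONB_FLOAT and JSONB_FLOAT5 cases reject only an empty payload; the payload bytes are still handed to jsonParseAddNode() as they are, so a blob whose numeric payload is not valid number text still produces a JSON_INT or JSON_REAL node. If no later stage validates that text, these cases should check the payload characters as well, and either way a comment such as `/* Size check only; payload text is not validated as a number here */` would make the limit of the check explicit. The function begins and ends outside the hunk, so it cannot be confirmed from here that `i+x+sz` is bounded against the blob length before `zPayload` is formed; that is worth verifying for blobs from untrusted sources. A one-line note at the first `return -1` saying that -1 presumably signals malformed JSONB to the caller would also help the next reader.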