]> git.ipfire.org Git - thirdparty/json-c.git/log
thirdparty/json-c.git
3 years agoMerge pull request #754 from c3h2-ctf/doc
Eric Hawicz [Sat, 19 Mar 2022 14:04:58 +0000 (10:04 -0400)] 
Merge pull request #754 from c3h2-ctf/doc

Minor improvements to documentation

3 years agoFix typos in comments 754/head
Tobias Stoeckmann [Sat, 19 Mar 2022 09:39:10 +0000 (10:39 +0100)] 
Fix typos in comments

Spotted during code reviews.

3 years agoAdjusted URLs
Tobias Stoeckmann [Sat, 19 Mar 2022 09:34:55 +0000 (10:34 +0100)] 
Adjusted URLs

Most of these sites support HTTPS (some forward to HTTPS when accessing
the HTTP versions). Use HTTPS directly if supported.

Some URLs led to 404 error pages. Adjusted the links to point to
new locations.

I did not adjust the Microsoft HTML Help Workshop link because it seems
that this software is not available anymore. Instead of removing the
link entirely I kept it there in case it helps someone to find the
software on archived websites.

3 years agoMerge pull request #748 from c3h2-ctf/printbuf
Eric Hawicz [Mon, 7 Mar 2022 05:06:57 +0000 (00:06 -0500)] 
Merge pull request #748 from c3h2-ctf/printbuf

sprintbuf(): test for all vsnprintf error values

3 years agoMerge pull request #752 from c3h2-ctf/typos
Eric Hawicz [Mon, 7 Mar 2022 04:33:42 +0000 (23:33 -0500)] 
Merge pull request #752 from c3h2-ctf/typos

Fix typos

3 years agoFix typos 752/head
Tobias Stoeckmann [Sun, 6 Mar 2022 15:07:36 +0000 (16:07 +0100)] 
Fix typos

Mostly found with codespell and during code review.

3 years agosprintbuf(): test for all vsnprintf error values 748/head
Tobias Stoeckmann [Sun, 27 Feb 2022 20:45:28 +0000 (21:45 +0100)] 
sprintbuf(): test for all vsnprintf error values

The POSIX specification states that vsnprintf returns "a negative value"
in case of error, but the code checks explicitly only for -1.

3 years agoMerge pull request #749 from c3h2-ctf/sprintbuf
Eric Hawicz [Fri, 4 Mar 2022 02:32:09 +0000 (21:32 -0500)] 
Merge pull request #749 from c3h2-ctf/sprintbuf

sprintbuf(): handle printbuf_memappend errors

3 years agoMerge pull request #750 from c3h2-ctf/clearmem
Eric Hawicz [Fri, 4 Mar 2022 02:29:27 +0000 (21:29 -0500)] 
Merge pull request #750 from c3h2-ctf/clearmem

printbuf_memset(): set gaps to zero

3 years agoMerge pull request #751 from c3h2-ctf/arguments
Eric Hawicz [Fri, 4 Mar 2022 02:26:22 +0000 (21:26 -0500)] 
Merge pull request #751 from c3h2-ctf/arguments

printbuf: do not allow invalid arguments

3 years agosprintbuf(): handle printbuf_memappend errors 749/head
Tobias Stoeckmann [Thu, 3 Mar 2022 20:24:27 +0000 (21:24 +0100)] 
sprintbuf(): handle printbuf_memappend errors

If errors occur in printbuf_memappend, then these errors should be
propagated through sprintbuf to indicate the error to the user.

Proof of Concept:
```
 #include <err.h>
 #include <limits.h>
 #include <stdio.h>

 #include "json.h"

 int
 main(void) {
  struct printbuf *pb;
  if ((pb = printbuf_new()) == NULL)
   err(1, "printbuf_new");
  if (printbuf_memset(pb, INT_MAX - 9, 'a', 1) < 0)
   errx(1, "printbuf_memset");
  printf("length: %d\n", printbuf_length(pb));
  printf("sprintbuf: %d\n", sprintbuf(pb, "string too long"));
  printf("length: %d\n", printbuf_length(pb));
  printbuf_free(pb);
  return 0;
 }
```

You can see that sprintbuf does not return an error but length is still
the same, i.e. the string "string too long" has not been appended.

I would like to add this as a unit test but it really depends on the
operating system if printbuf_memset() would fail if not enough memory is
available or not.

3 years agoprintbuf_memset(): set gaps to zero 750/head
Tobias Stoeckmann [Thu, 3 Mar 2022 20:18:53 +0000 (21:18 +0100)] 
printbuf_memset(): set gaps to zero

It is possible to have a printbuf with "gaps", i.e. areas within the
print buffer which have not been initialized by using printbuf_memset.

Always clear memory in such cases.

Example:
```
struct printbuf *pb = printbuf_new();
printbuf_memset(pb, 10, 'a', 2);
```
In this case pb->buf[0] is '\0' but pb->buf[1] up to pb->buf[9] are
not set. The length would be 12 due to successful printbuf_memset.

3 years agoprintbuf: do not allow invalid arguments 751/head
Tobias Stoeckmann [Thu, 3 Mar 2022 20:15:19 +0000 (21:15 +0100)] 
printbuf: do not allow invalid arguments

If invalid arguments are passed to printbuf functions return -1 to
protect printbuf internals.

3 years agoMerge pull request #745 from c3h2-ctf/vasprintf
Eric Hawicz [Sun, 27 Feb 2022 13:34:21 +0000 (08:34 -0500)] 
Merge pull request #745 from c3h2-ctf/vasprintf

vasprintf(): avoid out of memory accesses

3 years agoMerge pull request #746 from rouault/typo_fixes
Eric Hawicz [Sun, 27 Feb 2022 04:45:15 +0000 (23:45 -0500)] 
Merge pull request #746 from rouault/typo_fixes

Fix typos in code comments and ChangeLog

3 years agoFix typos in code comments and ChangeLog 746/head
Even Rouault [Thu, 24 Feb 2022 23:14:47 +0000 (00:14 +0100)] 
Fix typos in code comments and ChangeLog

3 years agovasprintf(): avoid out of memory accesses 745/head
Tobias Stoeckmann [Thu, 24 Feb 2022 20:35:44 +0000 (21:35 +0100)] 
vasprintf(): avoid out of memory accesses

Systems without vasprintf fall back to implementation in header file
vasprintf_compat.h. This version could run into heap overflow issues
with very long arguments or formats provoking a lot of output.

The vsnprintf function returns a negative value if more than INT_MAX
characters would be written since its int return type could not
handle this (and %n couldn't handle it either).

Before testing for a possible error value the additional char for
\0 is already added. A -1 error code would not be detected.

Increment only after implicitly casting to an unsigned value to avoid
signed integer overflow if INT_MAX has been returned.

Use va_copy to duplicate the original ap argument for multiple uses
on non-WIN32 systems. At least with glibc the test suite would fail
because the arguments are not reset after leaving the vsnprintf call.

Removed support for apparently very old glibc versions which do not
comply with vsnprintf standard descriptions. It breaks support for
modern ones which are not forced to return -1 in case of error. The
standard specifies merely "a negative value".

How to reproduce:

- Use a system without vasprintf
- Alternatively remove -D_GNU_SOURCE from CMakeLists.txt
- Compile and run:

  #include "json.h"
  int main(void) {
    struct printbuf *pb = printbuf_new();
    sprintbuf(pb, "prefix %2147483647s", "*");
    printbuf_free(pb);
    return 0;
  }

3 years agoMerge pull request #739 from rouault/avoid_unsigned_integer_overflow
Eric Hawicz [Sat, 19 Feb 2022 01:21:18 +0000 (20:21 -0500)] 
Merge pull request #739 from rouault/avoid_unsigned_integer_overflow

json_escape_str(): avoid harmless unsigned integer overflow

3 years agoMerge pull request #741 from rouault/json_type_to_name_formatter
Eric Hawicz [Sat, 19 Feb 2022 01:08:31 +0000 (20:08 -0500)] 
Merge pull request #741 from rouault/json_type_to_name_formatter

json_type_to_name(): use correct printf() formatter

3 years agoMerge pull request #742 from rouault/json_object_copy_serializer_data_add_assertion
Eric Hawicz [Sat, 19 Feb 2022 01:08:02 +0000 (20:08 -0500)] 
Merge pull request #742 from rouault/json_object_copy_serializer_data_add_assertion

json_object_copy_serializer_data(): add assertion

3 years agoMerge pull request #744 from Kizuna-Meraki/close-random
Eric Hawicz [Sat, 19 Feb 2022 01:07:33 +0000 (20:07 -0500)] 
Merge pull request #744 from Kizuna-Meraki/close-random

Close file on error path.

3 years agoClose file on error path. 744/head
Kizuna-Meraki [Thu, 17 Feb 2022 20:27:01 +0000 (21:27 +0100)] 
Close file on error path.

The file was only be closed when there was no error and
was being left open when there was an error. By moving
the close(fd) statement out of the if-clause, the file
can be close regardless if there is an error or not.
After the file is closed, it can be checked for errors.

3 years agojson_type_to_name(): use correct printf() formatter 741/head
Even Rouault [Sun, 16 Jan 2022 19:48:27 +0000 (20:48 +0100)] 
json_type_to_name(): use correct printf() formatter

Was detected by Coverity Scan when analyzing GDAL's code base which has
a copy of json-c

3 years agojson_object_copy_serializer_data(): add assertion 742/head
Even Rouault [Sun, 16 Jan 2022 19:50:56 +0000 (20:50 +0100)] 
json_object_copy_serializer_data(): add assertion

This makes Coverity Scan happier since it believes that the initial
check ``if (!src->_userdata && !src->_user_delete)`` could mean that
src->_user_data may be nullptr.

3 years agojson_escape_str(): avoid harmless unsigned integer overflow 739/head
Even Rouault [Wed, 12 Jan 2022 22:43:03 +0000 (23:43 +0100)] 
json_escape_str(): avoid harmless unsigned integer overflow

Current behaviour is perfectly valid, since wrap-over upon overflow is
well defined behaviour for unsigned types, but it is nevertheless nice to be
able to build with -fsanitize=undefined,unsigned-integer-overflow

There is no significant effect on the generated assembly as can be seen
on the diff of objdump -d output on a optimized build (the compiler
just decided to switch the order of a comparison):

@@ -135,8 +135,8 @@
  1d0: 0f 84 70 ff ff ff     je     146 <json_escape_str+0x146>
  1d6: 4c 3b 24 24           cmp    (%rsp),%r12
  1da: 0f 85 2d ff ff ff     jne    10d <json_escape_str+0x10d>
- 1e0: 49 39 f4              cmp    %rsi,%r12
- 1e3: 0f 87 b7 00 00 00     ja     2a0 <json_escape_str+0x2a0>
+ 1e0: 4c 39 e6              cmp    %r12,%rsi
+ 1e3: 0f 82 b7 00 00 00     jb     2a0 <json_escape_str+0x2a0>
  1e9: 48 8b 44 24 18        mov    0x18(%rsp),%rax
  1ee: 64 48 33 04 25 28 00  xor    %fs:0x28,%rax
  1f5: 00 00

3 years agoMerge pull request #737 from tniessen/patch-1
Eric Hawicz [Wed, 12 Jan 2022 02:25:38 +0000 (21:25 -0500)] 
Merge pull request #737 from tniessen/patch-1

Fix typo in README

3 years agoFix typo in README 737/head
Tobias Nießen [Sun, 9 Jan 2022 23:12:25 +0000 (00:12 +0100)] 
Fix typo in README

3 years agoCause the cmake include dirs to also have ${CMAKE_INSTALL_INCLUDEDIR}/json-c, so...
Eric Haszlakiewicz [Wed, 22 Dec 2021 02:52:37 +0000 (02:52 +0000)] 
Cause the cmake include dirs to also have ${CMAKE_INSTALL_INCLUDEDIR}/json-c, so downstream packages that use cmake to link against json-c can choose whether to include headers as just e.g. #include <json_object.h>, if they care to do so.
Update the README to better explain this, and make a few other tweaks.

3 years agoAdd linkhash accessor functions (lh_table_head(), lh_entry_next(), etc...) to pave...
Eric Haszlakiewicz [Tue, 30 Nov 2021 03:27:55 +0000 (03:27 +0000)] 
Add linkhash accessor functions (lh_table_head(), lh_entry_next(), etc...) to pave the way for making the lh_table and lh_entry structure opaque in the future.
Update the docs to mark all members of those structures deprecated, and
 suggest what to use instead.

3 years agoDrop the REFCOUNT_DEBUG code, it hasn't been used in ages.
Eric Haszlakiewicz [Tue, 30 Nov 2021 03:08:02 +0000 (03:08 +0000)] 
Drop the REFCOUNT_DEBUG code, it hasn't been used in ages.

3 years agoMerge pull request #734 from json-c/newer-appveyor
Eric Hawicz [Mon, 29 Nov 2021 18:40:41 +0000 (13:40 -0500)] 
Merge pull request #734 from json-c/newer-appveyor

Newer appveyor config for VS2022 etc...
Update the appveyor config to specify "image" instead of just "os", and build for VS2017, VS2019 and VS2022.

3 years agoPut the most recent image first in appveyor builds. 734/head
Eric Haszlakiewicz [Mon, 29 Nov 2021 18:21:05 +0000 (18:21 +0000)] 
Put the most recent image first in appveyor builds.

3 years agoSkip most "Release" builds. s/b_config/CONFIGURATION/ to fix artifact creation.
Eric Haszlakiewicz [Mon, 29 Nov 2021 18:18:48 +0000 (18:18 +0000)] 
Skip most "Release" builds.  s/b_config/CONFIGURATION/ to fix artifact creation.

3 years agoThere doesn't seem to be a way to extend the appveyor build matrix for just one image...
Eric Haszlakiewicz [Sat, 27 Nov 2021 02:55:29 +0000 (02:55 +0000)] 
There doesn't seem to be a way to extend the appveyor build matrix for just one image, so instead list a whole bunch of excluded builds.

3 years agoUse the newer appveyor images to build for VS2017 and VS2019. Trim the number of...
Eric Haszlakiewicz [Sat, 27 Nov 2021 02:29:26 +0000 (02:29 +0000)] 
Use the newer appveyor images to build for VS2017 and VS2019.  Trim the number of builds we do.

3 years agoNote the need to also set CTEST_OUTPUT_ON_FAILURE to get test output
Eric Haszlakiewicz [Fri, 26 Nov 2021 22:49:06 +0000 (22:49 +0000)] 
Note the need to also set CTEST_OUTPUT_ON_FAILURE to get test output

3 years agoMerge pull request #732 from DiracResearch/fix/static_include_dirs
Eric Hawicz [Fri, 12 Nov 2021 04:52:43 +0000 (23:52 -0500)] 
Merge pull request #732 from DiracResearch/fix/static_include_dirs

Fix/static include dirs

3 years agoFix uninitialized value error for clang-8 msan 732/head
Robert Bielik [Thu, 11 Nov 2021 09:23:05 +0000 (10:23 +0100)] 
Fix uninitialized value error for clang-8 msan

3 years agoFix for clang ub sanitizer
Robert Bielik [Thu, 11 Nov 2021 08:35:31 +0000 (09:35 +0100)] 
Fix for clang ub sanitizer

3 years agoAdd target include dirs for static library as well
Robert Bielik [Wed, 10 Nov 2021 15:04:01 +0000 (16:04 +0100)] 
Add target include dirs for static library as well

4 years agoMerge pull request #727 from jobol/propo2
Eric Hawicz [Fri, 22 Oct 2021 23:06:11 +0000 (19:06 -0400)] 
Merge pull request #727 from jobol/propo2

Really use prefix JSON_C_OBJECT_ADD_

4 years agoReally use prefix JSON_C_OBJECT_ADD_* 727/head
José Bollo [Tue, 12 Oct 2021 12:42:12 +0000 (14:42 +0200)] 
Really use prefix JSON_C_OBJECT_ADD_*

This change introduces JSON_C_OBJECT_ADD_CONSTANT_KEY
as a replacement of JSON_C_OBJECT_KEY_IS_CONSTANT.

The description of json_object_object_add_ex tells to
look at the flags JSON_C_OBJECT_ADD_* but it is not
for JSON_C_OBJECT_KEY_IS_CONSTANT.

From the point of vue of a developper using json-c,
the function json_object_object_add_ex is mainly used,
not the hash facility, it seems more natural to provide
a regular naming of prefix JSON_C_OBJECT_ADD_CONSTANT_KEY.

4 years agoMerge pull request #729 from DeX77/patch-1
Eric Hawicz [Sun, 17 Oct 2021 18:23:28 +0000 (14:23 -0400)] 
Merge pull request #729 from DeX77/patch-1

* don't assume includedir

4 years ago* don't assume includedir 729/head
DeX77 [Fri, 15 Oct 2021 09:12:39 +0000 (11:12 +0200)] 
* don't assume includedir

This change syncs the public header include install location with what gets written into pkgconfig file.

4 years agoMerge pull request #726 from leongross/fix/test-cmake3.1
Eric Hawicz [Sat, 9 Oct 2021 13:17:25 +0000 (09:17 -0400)] 
Merge pull request #726 from leongross/fix/test-cmake3.1

fix cmake version for tests

4 years agofix cmake version for tests 726/head
Leon Gross [Wed, 6 Oct 2021 12:40:52 +0000 (14:40 +0200)] 
fix cmake version for tests

4 years agoMerge pull request #722 from imaami/fix-json_tokener_new_ex-use-after-free
Eric Hawicz [Sun, 5 Sep 2021 03:16:13 +0000 (23:16 -0400)] 
Merge pull request #722 from imaami/fix-json_tokener_new_ex-use-after-free

Fix use-after-free in json_tokener_new_ex()

4 years agoFix use-after-free in json_tokener_new_ex() 722/head
Juuso Alasuutari [Sat, 4 Sep 2021 17:14:30 +0000 (20:14 +0300)] 
Fix use-after-free in json_tokener_new_ex()

The failure path taken in the event of printbuf_new() returning NULL
calls free() on tok->stack after already having freed tok. Swap the
order of the two calls to fix an obvious memory access violation.

Fixes: bcb6d7d3474b ("Handle allocation failure in json_tokener_new_ex")
Signed-off-by: Juuso Alasuutari <juuso.alasuutari@gmail.com>
4 years agoMerge pull request #718 from Pawday/master
Eric Hawicz [Sun, 1 Aug 2021 02:46:01 +0000 (22:46 -0400)] 
Merge pull request #718 from Pawday/master

CMake create uninstall target if unix generator is used

4 years agoSetted cmake "uninstall" target to exist in unix like operating systems only 718/head
Pawday [Mon, 26 Jul 2021 15:52:29 +0000 (18:52 +0300)] 
Setted cmake "uninstall" target to exist in unix like operating systems only

4 years agoAdd workaround for Visual Studio not knowing about "inline".
Eric Haszlakiewicz [Sun, 25 Jul 2021 20:31:59 +0000 (20:31 +0000)] 
Add workaround for Visual Studio not knowing about "inline".

4 years agoSwitch the Travis build to use osx_image: xcode12.5, in an attempt to avoid timeouts...
Eric Haszlakiewicz [Sun, 25 Jul 2021 20:03:55 +0000 (20:03 +0000)] 
Switch the Travis build to use osx_image: xcode12.5, in an attempt to avoid timeouts with Homebrew.

4 years agoMerge some old work to include (some of) PR #464 into the current master branch.
Eric Haszlakiewicz [Sun, 25 Jul 2021 19:07:06 +0000 (19:07 +0000)] 
Merge some old work to include (some of) PR #464 into the current master branch.

4 years agoOnly define an "uninstall" target if it's not already defined (e.g. by projects that...
Eric Haszlakiewicz [Sun, 25 Jul 2021 15:11:11 +0000 (15:11 +0000)] 
Only define an "uninstall" target if it's not already defined (e.g. by projects that include json-c)

4 years agoMerge pull request #714 from Hex052/clang-format_AfterCaseLabel
Eric Hawicz [Mon, 5 Jul 2021 22:18:06 +0000 (18:18 -0400)] 
Merge pull request #714 from Hex052/clang-format_AfterCaseLabel

Add AfterCaseLabel to .clang-format

4 years agoAdd AfterCaseLabel to .clang-format 714/head
Hex052 [Mon, 5 Jul 2021 02:28:21 +0000 (18:28 -0800)] 
Add AfterCaseLabel to .clang-format

This is to fix the behavior that might've changed between older versions of clang-format, I'm not sure.
Version 10 tries to put the bracket on the same line as case without this.

4 years agoIf inttypes.h is present, use it, even on Windows.
Eric Haszlakiewicz [Sun, 13 Jun 2021 21:12:22 +0000 (21:12 +0000)] 
If inttypes.h is present, use it, even on Windows.

4 years agoIssue #709: adjust some include guards to be a bit more json-c specific.
Eric Haszlakiewicz [Wed, 2 Jun 2021 23:53:23 +0000 (23:53 +0000)] 
Issue #709: adjust some include guards to be a bit more json-c specific.

4 years agoMerge pull request #706 from davidjmccann/master
Eric Hawicz [Sat, 15 May 2021 12:41:24 +0000 (08:41 -0400)] 
Merge pull request #706 from davidjmccann/master

Check __STDC_VERSION__ is defined before checking its value

4 years agoMerge branch 'json-c:master' into master 706/head
David McCann [Thu, 13 May 2021 05:34:10 +0000 (06:34 +0100)] 
Merge branch 'json-c:master' into master

4 years agoCheck __STDC_VERSION__ is defined before checking its value
David McCann [Thu, 13 May 2021 05:31:18 +0000 (06:31 +0100)] 
Check __STDC_VERSION__ is defined before checking its value

Prevent an undef warning regarding __STDC_VERSION__ by checking whether it is defined before checking its value.

4 years agoMerge pull request #696 from ssrlive/master
Eric Hawicz [Sat, 1 May 2021 19:21:31 +0000 (15:21 -0400)] 
Merge pull request #696 from ssrlive/master

To avoid target exe file export JSON functions.

4 years agoMerge pull request #701 from commodo/configurable-opts
Eric Hawicz [Sat, 17 Apr 2021 21:26:49 +0000 (17:26 -0400)] 
Merge pull request #701 from commodo/configurable-opts

[RFC] json_pointer: allow the feature to be disabled

4 years agojson_pointer: allow the feature to be disabled 701/head
Alexandru Ardelean [Fri, 16 Apr 2021 06:42:07 +0000 (09:42 +0300)] 
json_pointer: allow the feature to be disabled

Some users may not want to included it in their build/system. So allow a
cmake symbol to disable it.

A user can do 'cmake -DDISABLE_JSON_POINTER=ON <json_c_root_dir>' and
disable the json_pointer functionality. That saves about 17 KB (on an
x86_64) machine. This may be useful on smaller embedded systems; even
though the saving would be fewer kilobytes.

One thing that also needs to change a bit, is that the 'json.h' be
autogenerated via cmake, in order to conditionally include that
"json_pointer.h" file.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
4 years agotests: CMakeLists.txt: move test names to variable
Alexandru Ardelean [Fri, 16 Apr 2021 06:32:07 +0000 (09:32 +0300)] 
tests: CMakeLists.txt: move test names to variable

The intent is to be able to disable some features that get built into the
library. When we do that, we also need to disable some tests.

It's easier when adjusting a variable that contains the list of test names,
versus modifying the list in the foreach() statement.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
4 years agoMerge pull request #700 from Philosoph228/werror-fix
Eric Hawicz [Thu, 15 Apr 2021 02:38:36 +0000 (22:38 -0400)] 
Merge pull request #700 from Philosoph228/werror-fix

Fix unused variable for Win32 build in random_seed.c

4 years agorandom_seed: fix unused variable for win32 build 700/head
Philosoph228 [Mon, 12 Apr 2021 19:12:35 +0000 (00:12 +0500)] 
random_seed: fix unused variable for win32 build

4 years agoTo avoid target exe file export JSON functions. 696/head
ssrlive [Tue, 2 Mar 2021 06:27:40 +0000 (14:27 +0800)] 
To avoid target exe file export JSON functions.

4 years agoAdd a DISABLE_EXTRA_LIBS option to skip using libbsd, per @neheb's request on issue...
Eric Haszlakiewicz [Mon, 15 Feb 2021 20:19:56 +0000 (20:19 +0000)] 
Add a DISABLE_EXTRA_LIBS option to skip using libbsd, per @neheb's request on issue #692/commit 0f61f692.

4 years agoIf arc4random is used, don't bother compiling in the other fallback methods since...
Eric Haszlakiewicz [Sat, 13 Feb 2021 03:23:58 +0000 (03:23 +0000)] 
If arc4random is used, don't bother compiling in the other fallback methods since they'll never be used.  Fixes PR#695 about unreachable code too.

4 years agoMerge pull request #694 from ihsinme/patch-1
Eric Hawicz [Sat, 6 Feb 2021 22:25:24 +0000 (17:25 -0500)] 
Merge pull request #694 from ihsinme/patch-1

fix invalid unsigned arithmetic.

4 years agoUpdate json_object.c 694/head
ihsinme [Fri, 5 Feb 2021 15:58:20 +0000 (18:58 +0300)] 
Update json_object.c

4 years agoIesue #692: use arc4random() if it's available (in libc on BSD systems, and libbsd...
Eric Haszlakiewicz [Wed, 13 Jan 2021 01:57:25 +0000 (01:57 +0000)] 
Iesue #692: use arc4random() if it's available (in libc on BSD systems, and libbsd on Linux).

4 years agoKeep the doc directory in the nodoc release tarball, just exclude its contents.
Eric Haszlakiewicz [Wed, 13 Jan 2021 01:30:16 +0000 (01:30 +0000)] 
Keep the doc directory in the nodoc release tarball, just exclude its contents.

4 years agoMerge pull request #674 from ploxiln/random_seed_err_continue
Eric Hawicz [Wed, 13 Jan 2021 01:22:54 +0000 (20:22 -0500)] 
Merge pull request #674 from ploxiln/random_seed_err_continue

random_seed: on error, continue to next method

4 years agoMerge pull request #689 from neheb/patch-1
Eric Hawicz [Sat, 19 Dec 2020 02:30:14 +0000 (21:30 -0500)] 
Merge pull request #689 from neheb/patch-1

fix compilation with clang

4 years agofix compilation with clang 689/head
Rosen Penev [Fri, 18 Dec 2020 03:59:37 +0000 (19:59 -0800)] 
fix compilation with clang

Fixes the following warning:

json_pointer.c:230:7: warning: implicit declaration of function
    'vasprintf' is invalid in C99 [-Wimplicit-function-declaration]
            rc = vasprintf(&path_copy, path_fmt, args);

5 years agorandom_seed: on error, continue to next method 674/head
Pierce Lopez [Wed, 7 Oct 2020 05:22:30 +0000 (01:22 -0400)] 
random_seed: on error, continue to next method

instead of exiting the process

5 years agoMerge pull request #667 from stoeckmann/regression
Eric Hawicz [Sat, 12 Sep 2020 00:56:51 +0000 (20:56 -0400)] 
Merge pull request #667 from stoeckmann/regression

Fixed test1 regression.

5 years agoFixed test1 regression. 667/head
Tobias Stoeckmann [Fri, 11 Sep 2020 19:09:40 +0000 (21:09 +0200)] 
Fixed test1 regression.

SIZEOF_SIZE_T might be only defined in config.h.

Include config.h for these systems to pass tests which are only
supposed to be run on 32 bit systems.

Fixes issue #666.

5 years agoMerge pull request #665 from stoeckmann/tokener
Eric Hawicz [Mon, 24 Aug 2020 13:51:41 +0000 (09:51 -0400)] 
Merge pull request #665 from stoeckmann/tokener

Handle more allocation failures in json_tokener* functions

5 years agoMerge pull request #660 from stoeckmann/arraylist
Eric Hawicz [Mon, 24 Aug 2020 13:51:18 +0000 (09:51 -0400)] 
Merge pull request #660 from stoeckmann/arraylist

Validate size arguments in arraylist functions.

5 years agoValidate size arguments in arraylist functions. 660/head
Tobias Stoeckmann [Sat, 22 Aug 2020 10:06:15 +0000 (12:06 +0200)] 
Validate size arguments in arraylist functions.

The array_list_new2 function, which is externally reachable through
json_object_new_array_ext, does not check if specified initial size
actually fits into memory on 32 bit architectures.

It also allows negative values, which could lead to an overflow on these
architectures as well. I have added test cases for these situations.

While at it, also protect array_list_shrink against too large
empty_slots argument. No test added because it takes a huge length
value, therefore a lot of items within the array, to overflow the
calculation. In theory this affects 64 bit sytems as well, but since the
arraylist API is not supposed to be used by external applications
according to its header file, the call is protected due to int
limitation of json_object_array_shrink.

5 years agoMerge pull request #664 from stoeckmann/string
Eric Hawicz [Sun, 23 Aug 2020 20:43:31 +0000 (16:43 -0400)] 
Merge pull request #664 from stoeckmann/string

Limit strings at INT_MAX length

5 years agoMerge pull request #663 from stoeckmann/strerror
Eric Hawicz [Sun, 23 Aug 2020 20:38:21 +0000 (16:38 -0400)] 
Merge pull request #663 from stoeckmann/strerror

Properly format errnos in _json_c_strerror

5 years agoMerge pull request #662 from stoeckmann/random
Eric Hawicz [Sun, 23 Aug 2020 20:34:40 +0000 (16:34 -0400)] 
Merge pull request #662 from stoeckmann/random

Prevent signed overflow in get_time_seed

5 years agoPrevent signed overflow in get_time_seed 662/head
Tobias Stoeckmann [Sat, 22 Aug 2020 11:23:23 +0000 (13:23 +0200)] 
Prevent signed overflow in get_time_seed

Casting time(2) return value to int and multiplying the result with
such a constant will definitely lead to a signed overflow by this day.

Since signed overflows are undefined behaviour in C, avoid this.

Casting to unsigned is more than enough since the upper bits of a
64 bit time_t value will be removed with the int conversion anyway.

5 years agoHandle allocation failure in json_tokener_new_ex 665/head
Tobias Stoeckmann [Sat, 22 Aug 2020 11:18:10 +0000 (13:18 +0200)] 
Handle allocation failure in json_tokener_new_ex

The allocation of printbuf_new might fail. Return NULL to indicate tis
error to the caller. Otherwise later usage of the returned tokener would
lead to null pointer dereference.

5 years agoCap string length at INT_MAX. 664/head
Tobias Stoeckmann [Sat, 22 Aug 2020 11:09:11 +0000 (13:09 +0200)] 
Cap string length at INT_MAX.

Several issues occur if a string is longer than INT_MAX:

- The function json_object_get_string_len returns the length of a string
  as int. If the string is longer than INT_MAX, the result would be
  negative.
- That in turn would lead to possible out of boundary access when
  comparing these strings with memcmp and the returned length as done in
  json_object_equal.
- If json_escape_str is called with such strings, out of boundary
  accesses can occur due to internal int handling (also fixed).
- The string cannot be printed out due to printbuffer limits at
  INT_MAX (which is still true after this commit).

Such huge strings can only be inserted through API calls at this point
because input files are capped at INT_MAX anyway.

Due to huge amount of RAM needed to reproduce these issues I have not
added test cases.

5 years agoAligned comment in _json_object_new_string
Tobias Stoeckmann [Sat, 22 Aug 2020 11:07:45 +0000 (13:07 +0200)] 
Aligned comment in _json_object_new_string

The comment only aligns correctly if tab size is 4. Replaced
spaces with tabs to stay in sync with style of other lines.

5 years agoProperly format errnos in _json_c_strerror 663/head
Tobias Stoeckmann [Sat, 22 Aug 2020 09:35:50 +0000 (11:35 +0200)] 
Properly format errnos in _json_c_strerror

The function _json_c_strerror does not properly format unknown errnos.
The int to ascii loop ignores the leading digit if the number can be
divided by 10 and if an errno has been formatted, shorter errnos would
not properly terminate the newly created string, showing the ending
numbers of the previous output.

A test case has been added to show these effects.

Since this function has been introduced for tests, the effect of this on
real life code is basically non-existing. First an environment variable
has to be set to activate this strerror code and second an unknown errno
would have to be encountered.

5 years agoFix json_object_get_boolean() doc for the object and array cases (always returns...
Eric Haszlakiewicz [Mon, 17 Aug 2020 14:55:54 +0000 (14:55 +0000)] 
Fix json_object_get_boolean() doc for the object and array cases (always returns 0), and add those cases to the test_cast test.
See also issue #658.

5 years agoMerge pull request #657 from stoeckmann/getrandom
Eric Hawicz [Sat, 15 Aug 2020 19:01:41 +0000 (15:01 -0400)] 
Merge pull request #657 from stoeckmann/getrandom

Use GRND_NONBLOCK with getrandom.

5 years agoUse GRND_NONBLOCK with getrandom. 657/head
Tobias Stoeckmann [Sat, 15 Aug 2020 13:41:41 +0000 (15:41 +0200)] 
Use GRND_NONBLOCK with getrandom.

The json-c library is used in cryptsetup for LUKS2 header information.
Since cryptsetup can be called very early during boot, the developers
avoid getrandom() calls in their own code base for now. [1]

Introducing a blocking getrandom() call in json-c therefore introduces
this issue for cryptsetup as well. Even though cryptsetup issues do not
have to be json-c issues, here is my proposal:

Let's use a non-blocking call, falling back to other sources if the call
would block. Since getrandom() accesses urandom, it must mean that we
are in an early boot phase -- otherwise the call would not block
according to its manual page.

As stated in manual page of random(4), accessing /dev/urandom won't
block but return weak random numbers, therefore this fallback would work
for json-c.

While at it, fixed the debug message.

[1] https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests/47
    which references to https://lwn.net/Articles/800509/

5 years agoMerge pull request #656 from pogaram/fix-warnings
Eric Hawicz [Fri, 14 Aug 2020 20:57:32 +0000 (16:57 -0400)] 
Merge pull request #656 from pogaram/fix-warnings

Fixed warnings

5 years agoFixed warnings 656/head
Aram Poghosyan [Fri, 14 Aug 2020 07:45:33 +0000 (11:45 +0400)] 
Fixed warnings

5 years agoMerge pull request #655 from MarcT512/issue654
Eric Hawicz [Fri, 7 Aug 2020 14:18:30 +0000 (10:18 -0400)] 
Merge pull request #655 from MarcT512/issue654

json_parse: Fix read past end of buffer

5 years agoFix read past end of buffer 655/head
Marc [Fri, 7 Aug 2020 09:49:45 +0000 (10:49 +0100)] 
Fix read past end of buffer

Resolves https://github.com/json-c/json-c/issues/654

5 years agoEliminate use of ctype.h and replace isdigit() and tolower() with non-locale-sensitiv...
Eric Haszlakiewicz [Sun, 2 Aug 2020 04:06:44 +0000 (04:06 +0000)] 
Eliminate use of ctype.h and replace isdigit() and tolower() with non-locale-sensitive approaches.

5 years agoNeither vertical tab nor formfeed are considered whitespace per the JSON spec, remove...
Eric Haszlakiewicz [Sun, 2 Aug 2020 03:59:56 +0000 (03:59 +0000)] 
Neither vertical tab nor formfeed are considered whitespace per the JSON spec, remove them from is_ws_char().