From d76d954de3643e515f930c448dd31280fecb62e8 Mon Sep 17 00:00:00 2001 From: drh <> Date: Sat, 29 Apr 2023 16:00:20 +0000 Subject: [PATCH] Do not allow leading zeros on non-zero numeric literals in JSON. FossilOrigin-Name: 3e91494390ba88498eb243f61ce4ef4efa23b58326108a769bc72331d7d7d75b --- manifest | 14 +++++++------- manifest.uuid | 2 +- src/json.c | 14 +++++++------- test/json102.test | 12 ++++++------ 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/manifest b/manifest index db8aa3f3d8..bd3882b93b 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Minor\sfixes\sto\sto\sthe\sJSON%\sparser. -D 2023-04-29T12:13:27.600 +C Do\snot\sallow\sleading\szeros\son\snon-zero\snumeric\sliterals\sin\sJSON. +D 2023-04-29T16:00:20.514 F .fossil-settings/empty-dirs dbb81e8fc0401ac46a1491ab34a7f2c7c0452f2f06b54ebb845d024ca8283ef1 F .fossil-settings/ignore-glob 35175cdfcf539b2318cb04a9901442804be81cd677d8b889fcc9149c21f239ea F LICENSE.md df5091916dbb40e6e9686186587125e1b2ff51f022cc334e886c19a0e9982724 @@ -594,7 +594,7 @@ F src/hash.h 3340ab6e1d13e725571d7cee6d3e3135f0779a7d8e76a9ce0a85971fa3953c51 F src/hwtime.h b638809e083b601b618df877b2e89cb87c2a47a01f4def10be4c4ebb54664ac7 F src/in-operator.md 10cd8f4bcd225a32518407c2fb2484089112fd71 F src/insert.c a8de1db43335fc4946370a7a7e47d89975ad678ddb15078a150e993ba2fb37d4 -F src/json.c a25afd49aba4a2ac6b5c0fdabd82f376beccdec18f1946e66143bdb51fb1be33 +F src/json.c 1de9706f7bc22865237fa46a2f3e0de320e0a6afa24ff7b854c7522c0cc57c48 F src/legacy.c d7874bc885906868cd51e6c2156698f2754f02d9eee1bae2d687323c3ca8e5aa F src/loadext.c be5af440f3192c58681b5d43167dbca3ccbfce394d89faa22378a14264781136 F src/main.c 09bc5191f75dc48fc4dfddda143cb864c0c3dbc3297eb9a9c8e01fea58ff847d @@ -1256,7 +1256,7 @@ F test/json/json-generator.tcl dc0dd0f393800c98658fc4c47eaa6af29d4e17527380cd286 F test/json/json-q1.txt 335a7c8ab291d354f33b7decc9559e99a2823d4142291c4be7aa339a631f3c2d F test/json/json-speed-check.sh 8b7babf530faa58bd59d6d362cec8e9036a68c5457ff46f3b1f1511d21af6737 x F test/json101.test de9c93169b84ac96fd5836c638a2ae1f00e4afbd4003c6b596692d7f05e1cd69 -F test/json102.test 1f61f469d763ff26430dbee76bc75e0aa73084ca84f10e58744fdb899e56de3e +F test/json102.test 3bdf097757faefadfd88c5695ba8ab076ca8d8680eb8f33d73d44c07cbbc666d F test/json103.test 53df87f83a4e5fa0c0a56eb29ff6c94055c6eb919f33316d62161a8880112dbe F test/json104.test a502dc01853aada95d721b3b275afbe2dc18fffdac1fea6e96fb20c13586bbb5 F test/json105.test 11670a4387f4308ae0318cadcbd6a918ea7edcd19fbafde020720a073952675d @@ -2067,8 +2067,8 @@ F vsixtest/vsixtest.tcl 6a9a6ab600c25a91a7acc6293828957a386a8a93 F vsixtest/vsixtest.vcxproj.data 2ed517e100c66dc455b492e1a33350c1b20fbcdc F vsixtest/vsixtest.vcxproj.filters 37e51ffedcdb064aad6ff33b6148725226cd608e F vsixtest/vsixtest_TemporaryKey.pfx e5b1b036facdb453873e7084e1cae9102ccc67a0 -P 4473dc8e3ad18bb6185ed4a819baf881a7d26ac74bc70fae6ba23a0030be8316 -R c6f6cd1aa30c85d050651bc2038ace97 +P 2fe684cdcdc3cab4ec3348ca5aa5948e4472c562b739c29faebcb77397f8d969 +R ab5a5b4f8c2b54ec0b250293ed522d33 U drh -Z 73c28292d33e23cb810b7dd1773fc296 +Z 69b4a1c1b9499f71fc838cb1772a2121 # Remove this line to create a well-formed Fossil manifest. diff --git a/manifest.uuid b/manifest.uuid index fc7993d006..b758f33f29 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -2fe684cdcdc3cab4ec3348ca5aa5948e4472c562b739c29faebcb77397f8d969 \ No newline at end of file +3e91494390ba88498eb243f61ce4ef4efa23b58326108a769bc72331d7d7d75b \ No newline at end of file diff --git a/src/json.c b/src/json.c index 32a52cf1ee..f603a82bf7 100644 --- a/src/json.c +++ b/src/json.c @@ -333,7 +333,7 @@ static void jsonAppendNormalizedString(JsonString *p, const char *zIn, u32 N){ jsonAppendRaw(p, "\\u0000", 6); break; case '\r': - if( N>=3 && zIn[2]=='\n' ){ + if( zIn[2]=='\n' ){ zIn++; N--; } @@ -1328,15 +1328,15 @@ json_parse_restart: if( c<='0' ){ if( c=='0' ){ - if( sqlite3Isdigit(z[i+1]) ){ - pParse->has5 = 1; - jnFlags = JNODE_JSON5; - }else if( (z[i+1]=='x' || z[i+1]=='X') && sqlite3Isxdigit(z[i+2]) ){ + if( (z[i+1]=='x' || z[i+1]=='X') && sqlite3Isxdigit(z[i+2]) ){ assert( seenDP==JSON_INT ); pParse->has5 = 1; jnFlags |= JNODE_JSON5; for(j=i+3; sqlite3Isxdigit(z[j]); j++){} goto parse_number_finish; + }else if( sqlite3Isdigit(z[i+1]) ){ + pParse->iErr = i+1; + return -1; } }else{ if( !sqlite3Isdigit(z[i+1]) ){ @@ -1372,8 +1372,8 @@ json_parse_restart: } if( z[i+1]=='0' ){ if( sqlite3Isdigit(z[i+2]) ){ - pParse->has5 = 1; - jnFlags = JNODE_JSON5; + pParse->iErr = i+1; + return -1; }else if( (z[i+2]=='x' || z[i+2]=='X') && sqlite3Isxdigit(z[i+3]) ){ pParse->has5 = 1; jnFlags |= JNODE_JSON5; diff --git a/test/json102.test b/test/json102.test index d45ec11bf1..2594feafa1 100644 --- a/test/json102.test +++ b/test/json102.test @@ -302,18 +302,18 @@ for {set i 0} {$i<100} {incr i} { # fixed. # foreach {id j x0 x5} { - 1401 {'{"x":01}'} 0 1 - 1402 {'{"x":-01}'} 0 1 + 1401 {'{"x":01}'} 0 0 + 1402 {'{"x":-01}'} 0 0 1403 {'{"x":0}'} 1 1 1404 {'{"x":-0}'} 1 1 1405 {'{"x":0.1}'} 1 1 1406 {'{"x":-0.1}'} 1 1 1407 {'{"x":0.0000}'} 1 1 1408 {'{"x":-0.0000}'} 1 1 - 1409 {'{"x":01.5}'} 0 1 - 1410 {'{"x":-01.5}'} 0 1 - 1411 {'{"x":00}'} 0 1 - 1412 {'{"x":-00}'} 0 1 + 1409 {'{"x":01.5}'} 0 0 + 1410 {'{"x":-01.5}'} 0 0 + 1411 {'{"x":00}'} 0 0 + 1412 {'{"x":-00}'} 0 0 1413 {'{"x":+0}'} 0 1 1414 {'{"x":+5}'} 0 1 1415 {'{"x":+5.5}'} 0 1 -- 2.47.2