git.ipfire.org Git - thirdparty/vim.git/commit

author	Yasuhiro Matsumoto <mattn.jp@gmail.com>
	Wed, 25 Mar 2026 21:20:21 +0000 (21:20 +0000)
committer	Christian Brabandt <cb@256bit.org>
	Wed, 25 Mar 2026 21:20:21 +0000 (21:20 +0000)
commit	af3ccc28452c777fc47395fcb65bc5fcaee90fc5
tree	094cc5136f9aa1b76588ed58f389c00b1d14cc0e	tree \| snapshot
parent	c0f0a34ea36120ad1cac3867a777f2c55ed88b09	commit \| diff

patch 9.2.0248: json_decode() is not strict enough

Problem:  json_decode() accepted keywords case-insensitively, violating
          RFC 7159. Both json_decode() and js_decode() silently accepted
          lone surrogates, which are invalid Unicode.
Solution: Only allow lowercase keyword in json_decode(), reject lone
          surrogates, improve encoding performance in write_string() and
          blob byte serialization.

1. Fix surrogate pair range check (0xDFFF -> 0xDBFF) so only high
   surrogates trigger pair decoding. Reject lone surrogates that do
   not form a valid pair instead of producing invalid UTF-8.
2. Use case-sensitive matching for JSON keywords (true, false, null,
   NaN, Infinity) in json_decode() per RFC 7159. js_decode() retains
   case-insensitive behavior.
3. Replace double ga_append() calls for escape sequences with single
   GA_CONCAT_LITERAL() calls, halving function call and buffer growth
   check overhead.
4. Replace vim_snprintf_safelen() for blob byte encoding (0-255) with
   direct digit conversion.

closes: #19807

Signed-off-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>
Signed-off-by: Christian Brabandt <cb@256bit.org>

runtime/doc/builtin.txt		diff \| blob \| blame \| history
runtime/doc/version9.txt		diff \| blob \| blame \| history
src/json.c		diff \| blob \| blame \| history
src/testdir/test_json.vim		diff \| blob \| blame \| history
src/version.c		diff \| blob \| blame \| history