summaryrefslogtreecommitdiffstats
path: root/src/corelib/json/qjsonparser.cpp
diff options
context:
space:
mode:
authorLars Knoll <lars.knoll@digia.com>2014-09-05 13:26:16 +0200
committerLars Knoll <lars.knoll@digia.com>2014-09-10 21:10:45 +0200
commitdf25927a6827c0abce6d35440359a835d23226f7 (patch)
treeef060f0fc451806856c6c009f10e40be7d89e061 /src/corelib/json/qjsonparser.cpp
parent853845a4a2570302def9526a99f2b09433c286c5 (diff)
Don't accept json strings with trailing garbage
A well formed JSON document is not allowed to contain trailing garbage at the end. Don't accept this in the parser. Task-number: QTBUG-40062 Change-Id: I0a09dbd099a8c643f58023342546c4e67d026fec Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
Diffstat (limited to 'src/corelib/json/qjsonparser.cpp')
-rw-r--r--src/corelib/json/qjsonparser.cpp12
1 files changed, 12 insertions, 0 deletions
diff --git a/src/corelib/json/qjsonparser.cpp b/src/corelib/json/qjsonparser.cpp
index 0c61718843..09d8a929cd 100644
--- a/src/corelib/json/qjsonparser.cpp
+++ b/src/corelib/json/qjsonparser.cpp
@@ -79,6 +79,7 @@ QT_BEGIN_NAMESPACE
#define JSONERR_MISS_OBJ QT_TRANSLATE_NOOP("QJsonParseError", "object is missing after a comma")
#define JSONERR_DEEP_NEST QT_TRANSLATE_NOOP("QJsonParseError", "too deeply nested document")
#define JSONERR_DOC_LARGE QT_TRANSLATE_NOOP("QJsonParseError", "too large document")
+#define JSONERR_GARBAGEEND QT_TRANSLATE_NOOP("QJsonParseError", "garbage at the end of the document")
/*!
\class QJsonParseError
@@ -111,6 +112,8 @@ QT_BEGIN_NAMESPACE
\value MissingObject An object was expected but couldn't be found
\value DeepNesting The JSON document is too deeply nested for the parser to parse it
\value DocumentTooLarge The JSON document is too large for the parser to parse it
+ \value GarbageAtEnd The parsed document contains additional garbage characters at the end
+
*/
/*!
@@ -182,6 +185,9 @@ QString QJsonParseError::errorString() const
case DocumentTooLarge:
sz = JSONERR_DOC_LARGE;
break;
+ case GarbageAtEnd:
+ sz = JSONERR_GARBAGEEND;
+ break;
}
#ifndef QT_BOOTSTRAPPED
return QCoreApplication::translate("QJsonParseError", sz);
@@ -323,6 +329,12 @@ QJsonDocument Parser::parse(QJsonParseError *error)
goto error;
}
+ eatSpace();
+ if (json < end) {
+ lastError = QJsonParseError::GarbageAtEnd;
+ goto error;
+ }
+
END;
{
if (error) {