From 7878eb6ba30a8b84199f3c8fba4cac739e8a788a Mon Sep 17 00:00:00 2001
From: Lars Knoll <lars.knoll@digia.com>
Date: Wed, 22 May 2013 09:53:39 +0200
Subject: Fix parsing of long latin strings in the json parser
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Latin1 strings are usually stored as 8 bit data in the json binary
format. But that data structure has a size limitation of 16bit, so
we need to fall back to storing the string as 16 bit data if it is
too long.

Task-number: QTBUG-30946
Change-Id: I0069b1367030b0b2f819fd1f04e34c9e2534a2a3
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@digia.com>
---
 src/corelib/json/qjsonparser.cpp       |  3 ++-
 tests/auto/corelib/json/tst_qtjson.cpp | 45 ++++++++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 1 deletion(-)

diff --git a/src/corelib/json/qjsonparser.cpp b/src/corelib/json/qjsonparser.cpp
index 7989d18901..b151af7955 100644
--- a/src/corelib/json/qjsonparser.cpp
+++ b/src/corelib/json/qjsonparser.cpp
@@ -886,7 +886,8 @@ bool Parser::parseString(bool *latin1)
                 return false;
             }
         }
-        if (ch > 0xff) {
+        // bail out if the string is not pure latin1 or too long to hold as a latin1string (which has only 16 bit for the length)
+        if (ch > 0xff || json - start >= 0x8000) {
             *latin1 = false;
             break;
         }
diff --git a/tests/auto/corelib/json/tst_qtjson.cpp b/tests/auto/corelib/json/tst_qtjson.cpp
index fc4b3831c4..c19a42e4a6 100644
--- a/tests/auto/corelib/json/tst_qtjson.cpp
+++ b/tests/auto/corelib/json/tst_qtjson.cpp
@@ -128,6 +128,8 @@ private Q_SLOTS:
 
     void bom();
     void nesting();
+
+    void longStrings();
 private:
     QString testDataDir;
 };
@@ -2118,5 +2120,48 @@ void tst_QtJson::nesting()
 
 }
 
+void tst_QtJson::longStrings()
+{
+    // test around 15 and 16 bit boundaries, as these are limits
+    // in the data structures (for Latin1String in qjson_p.h)
+    QString s(0x7ff0, 'a');
+    for (int i = 0x7ff0; i < 0x8010; i++) {
+        s.append("c");
+
+        QMap <QString, QVariant> map;
+        map["key"] = s;
+
+        /* Create a QJsonDocument from the QMap ... */
+        QJsonDocument d1 = QJsonDocument::fromVariant(QVariant(map));
+        /* ... and a QByteArray from the QJsonDocument */
+        QByteArray a1 = d1.toJson();
+
+        /* Create a QJsonDocument from the QByteArray ... */
+        QJsonDocument d2 = QJsonDocument::fromJson(a1);
+        /* ... and a QByteArray from the QJsonDocument */
+        QByteArray a2 = d2.toJson();
+        QVERIFY(a1 == a2);
+    }
+
+    s = QString(0xfff0, 'a');
+    for (int i = 0xfff0; i < 0x10010; i++) {
+        s.append("c");
+
+        QMap <QString, QVariant> map;
+        map["key"] = s;
+
+        /* Create a QJsonDocument from the QMap ... */
+        QJsonDocument d1 = QJsonDocument::fromVariant(QVariant(map));
+        /* ... and a QByteArray from the QJsonDocument */
+        QByteArray a1 = d1.toJson();
+
+        /* Create a QJsonDocument from the QByteArray ... */
+        QJsonDocument d2 = QJsonDocument::fromJson(a1);
+        /* ... and a QByteArray from the QJsonDocument */
+        QByteArray a2 = d2.toJson();
+        QVERIFY(a1 == a2);
+    }
+}
+
 QTEST_MAIN(tst_QtJson)
 #include "tst_qtjson.moc"
-- 
cgit v1.2.3