You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@groovy.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/05/26 22:41:04 UTC
[jira] [Commented] (GROOVY-7979) JsonSlurper parses a single minus
character as a number
[ https://issues.apache.org/jira/browse/GROOVY-7979?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16026973#comment-16026973 ]
ASF GitHub Bot commented on GROOVY-7979:
----------------------------------------
GitHub user JamesLaverack opened a pull request:
https://github.com/apache/groovy/pull/552
GROOVY-7979: Prevent JsonSlurper issue on a single minus
Add bound checking to JSON parser code to account for a single minus character.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/JamesLaverack/groovy groovy7979
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/groovy/pull/552.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #552
----
commit 082535c3e0e0044ed7cb138dde68e296e39ea74c
Author: James Laverack <ja...@jameslaverack.com>
Date: 2017-05-13T12:38:34Z
GROOVY-7979: Add JSONSlurper test case for the string "[-]".
commit ac2b8f0584c3cced23fa51690d7c7ab40c2c29d8
Author: James Laverack <ja...@jameslaverack.com>
Date: 2017-05-14T19:21:43Z
GROOVY-7979: Add check for end of negative number
The check for the minus sign increments the character index by one. A
check is added to ensure that this does not go over the end of the
expected character substring.
commit a550df60a0714898dc9bbbe6512d0da57973a373
Author: James Laverack <ja...@jameslaverack.com>
Date: 2017-05-26T21:10:44Z
GROOVY-7979: Check for single minus in NumberValue
This check is performed at the time of parsing, rather than while
reading the return from `JsonSlurper`. The intent is that the slurper
should, to the best of it's ability, give you a structure which is
valid.
commit f0e65f1765dcebaa4b24f8be0506adcc281c78c7
Author: James Laverack <ja...@jameslaverack.com>
Date: 2017-05-26T21:15:21Z
Remove pointless sign handling
This code is useless as both of these code paths ultimately call out to
`CharScanner#parseIntFromTo` which handles the negative sign.
----
> JsonSlurper parses a single minus character as a number
> -------------------------------------------------------
>
> Key: GROOVY-7979
> URL: https://issues.apache.org/jira/browse/GROOVY-7979
> Project: Groovy
> Issue Type: Bug
> Components: JSON
> Affects Versions: 2.4.7
> Reporter: John Wagenleitner
> Priority: Minor
>
> A minus sign not followed by some digits should fail parsing but succeeds. The Character Source parser correctly throws an exception..
> {code}
> import groovy.json.*
> import static groovy.json.JsonParserType.*
> println new JsonSlurper().setType(CHAR_BUFFER).parseText('[-]') // [-45]
> println new JsonSlurper().setType(INDEX_OVERLAY).parseText('[-]') // [-45]
> println new JsonSlurper().setType(LAX).parseText('[-]') // [-45]
> println new JsonSlurper().setType(CHARACTER_SOURCE).parseText('[-]') // throws JsonException
> {code}
> The parsers fail to recognize that no digits are appearing after the minus and end up calculating a value based on the next char value. For example, the char value of {{]}} is 93 and that from the char value of {{0}} (48) is 45.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)