From e262ea5fcd789d20d5d20d5d6d9c7ec06e3c00fd Mon Sep 17 00:00:00 2001
From: Corey Farrell
Date: Mon, 5 Nov 2018 16:43:10 -0500
Subject: [PATCH] Remove inappropriate jsonp_free which caused segmentation fault.
pack_string should never free str on error. This wouldn't be a problem except the check for `ours` was inverted. Just remove the check for ours since the true condition is unreachable. json_vpack_ex also had an error check for s.has_error. This can never be true unless value is NULL. Expand pack_unpack testing to cover empty format string, NULL object value with non-null concatenated key, array containing a non-null object after a NULL (error) string.
Fixes #444
---
 src/pack_unpack.c | 9 ++-------
 test/suites/api/test_pack.c | 21 +++++++++++++++++++++
 2 files changed, 23 insertions(+), 7 deletions(-)
diff --git a/src/pack_unpack.c b/src/pack_unpack.c
index ec04bc3..3b99776 100644
--- a/src/pack_unpack.c
+++ b/src/pack_unpack.c
@@ -359,9 +359,7 @@ static json_t *pack_string(scanner_t *s, va_list *ap)
 return t == '?' && !s->has_error ? json_null() : NULL;
 if (s->has_error) {
- if (!ours)
- jsonp_free(str);
-
+ /* It's impossible to reach this point if ours != 0, do not free str. */
 return NULL;
 }
@@ -853,6 +851,7 @@ json_t *json_vpack_ex(json_error_t *error, size_t flags,
 value = pack(&s, &ap_copy);
 va_end(ap_copy);
+ /* This will cover all situations where s.has_error is true */
 if(!value)
 return NULL;
@@ -862,10 +861,6 @@ json_t *json_vpack_ex(json_error_t *error, size_t flags,
 set_error(&s, "", json_error_invalid_format, "Garbage after format string");
 return NULL;
 }
- if(s.has_error) {
- json_decref(value);
- return NULL;
- }
 return value;
 }
diff --git a/test/suites/api/test_pack.c b/test/suites/api/test_pack.c
index ab3aa91..084f170 100644
--- a/test/suites/api/test_pack.c
+++ b/test/suites/api/test_pack.c
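Review bot: The comment added to pack_string's `if (s->has_error)` branch asserts that `ours` is always zero there, but nothing in the hunk shows or enforces that; it depends on what read_string, which is outside the hunk, returns once an error has been recorded. The removed free was applied when `ours` was zero, so presumably to a string the caller still owns, which makes the reason worth spelling out, e.g. `/* read_string returns NULL for an owned (concatenated) string once has_error is set, so str is caller-owned here and must not be freed. */`, to be confirmed against read_string. If this file already uses assert, `assert(!ours);` before the `return NULL;` would make a later regression fail in debug builds instead of leaking silently. pack_string begins and ends outside the hunk.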
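Review bot: With the `if(s.has_error)` block removed in the third src/pack_unpack.c hunk, the `if(!value)` test in the second hunk is the only guard in json_vpack_ex, so the function now relies on pack() returning NULL on every path that sets s.has_error, which neither hunk shows. If any pack helper ever records an error yet returns a partly built value, the caller would receive a non-NULL result alongside a populated error. The added comment should state that contract rather than its conclusion, e.g. `/* pack() returns NULL whenever s.has_error is set, so no separate has_error check is needed. */`. If assert is available in this file, `assert(!s.has_error);` before `return value;` would retain the removed check's protection in debug builds. json_vpack_ex starts before the second hunk, and this note covers both hunks.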
@@ -428,6 +428,11 @@ static void run_tests() fail("json_pack failed to a lone +"); check_error(json_error_invalid_format, "Unexpected format character '+'", "", 1, 1, 1); + /* Empty format */ + if(json_pack_ex(&error, 0, "")) + fail("json_pack failed to catch empty format string"); + check_error(json_error_invalid_argument, "NULL or empty format string", "", -1, -1, 0); + /* NULL format */ if(json_pack_ex(&error, 0, NULL)) fail("json_pack failed to catch NULL format string"); @@ -494,4 +499,20 @@ static void run_tests() if(json_pack_ex(&error, 0, "{s:O}", "foo", NULL)) fail("json_pack failed to catch nullable incref object"); check_error(json_error_null_value, "NULL object", "", 1, 4, 4); + + if(json_pack_ex(&error, 0, "{s+:o}", "foo", "bar", NULL)) + fail("json_pack failed to catch non-nullable object value"); + check_error(json_error_null_value, "NULL object", "", 1, 5, 5); + + if(json_pack_ex(&error, 0, "[1s", "Hi")) + fail("json_pack failed to catch invalid format"); + check_error(json_error_invalid_format, "Unexpected format character '1'", "", 1, 2, 2); + + if(json_pack_ex(&error, 0, "[1s+", "Hi", "ya")) + fail("json_pack failed to catch invalid format"); + check_error(json_error_invalid_format, "Unexpected format character '1'", "", 1, 2, 2); + + if(json_pack_ex(&error, 0, "[so]", NULL, json_object())) + fail("json_pack failed to catch NULL value"); + check_error(json_error_null_value, "NULL string", "", 1, 2, 2); }
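Review bot: In the second test_pack.c hunk, the new cases for `"[1s"` and `"[1s+"` both report `fail("json_pack failed to catch invalid format")` and expect identical check_error values, so a failing run does not show which format string regressed. Giving each case its own message, e.g. `fail("json_pack failed to catch invalid format '[1s+'")`, keeps the concatenation case distinguishable. A one-line comment above the `"[so]"` case, such as `/* non-NULL object following a NULL (error) string */`, would tie it to the scenario named in the commit message. run_tests starts outside the hunk.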