The function vsnprintf returns a negative value on error, e.g. on
an invalid format. It's best to return NULL in such a case.
Also avoid a signed integer overflow if vsnprintf returns INT_MAX.
This is undefined behaviour in C and has to be avoided.
A negative value is returned with a call like:
json_sprintf("%111111111111111s", "", "");
INT_MAX is returned with a call like:
json_sprintf("%647s%2147483000s", "", "");
Support merging values nested within objects. For instance, merging:
{
"foo": 1,
"bar": {
"baz": 2
}
}
with
{
"bar": {
"baz": 3
}
}
results in
{
"foo": 1,
"bar": {
"baz": 3
}
}
instead of overwriting the value for the bar key.
This patch adds two new exported functions:
* `jansson_version_str` - Returns a human-readable version number
* `jansson_version_cmp` - Returns an integer less than, equal to, or greater
than zero if the runtime version of Jansson is found, respectively, to be
less than, to match, or be greater than the provided major, minor, and micro.
pack_string should never free str on error. This wouldn't be a problem
except the check for `ours` was inverted. Just remove the check for
ours since the true condition is unreachable.
json_vpack_ex also had an error check for s.has_error. This can never
be true unless value is NULL.
Expand pack_unpack testing to cover empty format string, NULL object
value with non-null concatenated key, array containing a non-null object
after a NULL (error) string.
Fixes#444
* Remove errant line-feed from pack_object error message.
* Correct error message in pack_object_inter.
* Create pack_integer / pack_real to get the correct error messages on
failure when packing numeric values.
* Add tests for packing NAN and infinity directly, in an array and as
an object value.
When NULL is received for an optional argument we should not set an
error message as this would block later error messages. If NULL is
received for a non-optional string we should set has_error. Set
has_error for UTF-8 errors to ensure optional strings with UTF-8
errors are not replaced with json_null(). Use 'purpose' argument in
NULL error messages of read_string.
Add error handling and tests for invalid formats where '+', '#', or '%'
is used on an optional string 's?' or 's*'.
Fix NULL string error messages to use 'purpose'.
Refactor skipping of '*' token, this is now handled by read_string and
pack_object_inter. This allows invalid format strings such as 's*#' and
's*+' to produce error messages.
Fixes#437
It was discovered fairly recently that JSON parsing libraries use
common pattern to name their exported symbols (they all use
json_ prefix). So eventually it happens that two symbols from two
different libraries have the same name. This will lead to cryptic
crashes (see [1] and [2]). Linking with -Bsymbolic-functions
prevents this.
1: https://gitlab.gnome.org/GNOME/json-glib/issues/33
2: https://groups.google.com/forum/#!topic/jansson-users/7Efx-RI45IU
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
As said in man doc:
"Each invocation of va_copy() must be matched by a corresponding
invocation of va_end() in the same function."
va_copy may alloc memory in some system, it's necessay to free it by
va_end.
Fixes: efe6c7b3f2 ("Add json_sprintf and json_vsprintf")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Recent versions of gcc have introduced compiler warnings for string
operations that could be truncated. This caused problems with -Werror.
src/error.c used strncpy to write "..." to a string, but skipped writing
the NUL terminator. Switch this to use memcpy. src/load.c produced
warnings from snprintf writing error strings that could be truncated.
Added code to autotools build to detect `-Wno-format-truncation', add it
to AM_CFLAGS if supported.
This adds a compiler warning when strbuffer_init return value is
ignored. unpack_object is updated to deal with errors produced
while building unrecognized_keys.
This macro is used to conditionally generate GCC/CLANG __attribute__
declarations if supported.
This allows the compiler to produce warnings on certain incorrect
usages. json_sprintf and json_vsprintf will produce warnings on invalid
format string. Many functions will produce a warning if the result is
unused. Specifically functions which allocate new objects will warn if
the result is ignored as this always results in a memory leak.
* Test equality of different length strings.
* Add tab to json_pack whitespace test.
* Test json_sprintf with empty result and invalid UTF.
* Test json_get_alloc_funcs with NULL arguments.
* Test invalid arguments.
* Add test_chaos to test allocation failure code paths.
* Remove redundant json_is_string checks from json_string_equal and
json_string_copy. Both functions are static and can only be called
with a json string.
Fixes to issues found by test_chaos:
* Fix crash on OOM in pack_unpack.c:read_string().
* Unconditionally free string in string_create upon allocation failure.
Update load.c:parse_value() to reflect this. This resolves a leak on
allocation failure for pack_unpack.c:pack_string() and
value.c:json_sprintf().
Although not visible from CodeCoverage these changes significantly
increase branch coverage. Especially in src/value.c where we previously
covered 67.4% of branches and now cover 96.3% of branches.
Users of the "o" format have an expectation that the object reference
will be stolen. Any error causes the collection process to end early.
This patch causes json_pack and related functions to continue scanning
the format and parameters so all references can be stolen to prevent
leaks. This makes no attempt to continue processing if the format
string is broken or missing.
'make check' still passes. Ran test_pack under valgrind and verified
that the leaked reference is fixed. Added a test which uses refcounts
to verify that the reference was correctly stolen after a NULL value
error.
Issue #135
Make parse_object use json_object_set_new_nocheck and make parse_array
use json_array_append_new, remove json_decref from error and success
paths.
Fixes#376