diff options
author | Mark Oteiza <mvoteiza@udel.edu> | 2017-08-17 20:00:52 -0400 |
---|---|---|
committer | Mark Oteiza <mvoteiza@udel.edu> | 2017-08-17 20:00:52 -0400 |
commit | 87645443b5c6dffea928a19c50aded605a28279c (patch) | |
tree | 77aa4d12f627f56250df2913f9eb5f1090a28cc7 /lisp/json.el | |
parent | 61631476d79cdb10272091251f3b84817fbc631a (diff) | |
download | emacs-87645443b5c6dffea928a19c50aded605a28279c.tar.gz |
Treat control characters in JSON strings as invalid
* lisp/json.el (json-peek): Reduce to following-char.
(json-pop, json-read): Zero (null char) means end of file.
(json-read-escaped-char): Delimit URL properly.
(json-read-string): Signal error for ASCII control characters.
* test/lisp/json-tests.el (test-json-peek): Check for zero instead of
:json-eof symbol.
(test-json-read-string): New test for control characters in JSON
strings.
Diffstat (limited to 'lisp/json.el')
-rw-r--r-- | lisp/json.el | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/lisp/json.el b/lisp/json.el index 627e65efa45..64486258ccf 100644 --- a/lisp/json.el +++ b/lisp/json.el @@ -193,12 +193,12 @@ Unlike `reverse', this keeps the property-value pairs intact." (defsubst json-peek () "Return the character at point." - (or (char-after (point)) :json-eof)) + (following-char)) (defsubst json-pop () "Advance past the character at point, returning it." (let ((char (json-peek))) - (if (eq char :json-eof) + (if (zerop char) (signal 'json-end-of-file nil) (json-advance) char))) @@ -380,7 +380,7 @@ representation will be parsed correctly." (special (cdr special)) ((not (eq char ?u)) char) ;; Special-case UTF-16 surrogate pairs, - ;; cf. https://tools.ietf.org/html/rfc7159#section-7. Note that + ;; cf. <https://tools.ietf.org/html/rfc7159#section-7>. Note that ;; this clause overlaps with the next one and therefore has to ;; come first. ((looking-at @@ -406,6 +406,8 @@ representation will be parsed correctly." (let ((characters '()) (char (json-peek))) (while (not (= char ?\")) + (when (< char 32) + (signal 'json-string-format (list (prin1-char char)))) (push (if (= char ?\\) (json-read-escaped-char) (json-pop)) @@ -686,12 +688,12 @@ become JSON objects." Advances point just past JSON object." (json-skip-whitespace) (let ((char (json-peek))) - (if (not (eq char :json-eof)) - (let ((record (cdr (assq char json-readtable)))) - (if (functionp (car record)) - (apply (car record) (cdr record)) - (signal 'json-readtable-error record))) - (signal 'json-end-of-file nil)))) + (if (zerop char) + (signal 'json-end-of-file nil) + (let ((record (cdr (assq char json-readtable)))) + (if (functionp (car record)) + (apply (car record) (cdr record)) + (signal 'json-readtable-error record)))))) ;; Syntactic sugar for the reader |