aboutsummaryrefslogtreecommitdiff
path: root/src/univalue
diff options
context:
space:
mode:
authorDaniel Kraft <d@domob.eu>2015-08-20 12:48:43 +0200
committerDaniel Kraft <d@domob.eu>2015-08-20 12:48:43 +0200
commite938122b7ba8723c8cab6de78e8a9b39ad188589 (patch)
tree8dc918238e08377ef3ccac660f8fd935e562e31e /src/univalue
parentef30389e2a4a83c2845a2cbdf3a7c2f062404077 (diff)
Stop parsing JSON after first finished construct.
Fix https://github.com/bitcoin/bitcoin/issues/6558. In particular, stop parsing JSON after the first object or array is finished. Check that no other garbage follows, and fail the parser if it does.
Diffstat (limited to 'src/univalue')
-rw-r--r--src/univalue/univalue_read.cpp14
1 files changed, 8 insertions, 6 deletions
diff --git a/src/univalue/univalue_read.cpp b/src/univalue/univalue_read.cpp
index 261771811d..64591234cb 100644
--- a/src/univalue/univalue_read.cpp
+++ b/src/univalue/univalue_read.cpp
@@ -244,16 +244,16 @@ bool UniValue::read(const char *raw)
bool expectColon = false;
vector<UniValue*> stack;
+ string tokenVal;
+ unsigned int consumed;
enum jtokentype tok = JTOK_NONE;
enum jtokentype last_tok = JTOK_NONE;
- while (1) {
+ do {
last_tok = tok;
- string tokenVal;
- unsigned int consumed;
tok = getJsonToken(tokenVal, consumed, raw);
if (tok == JTOK_NONE || tok == JTOK_ERR)
- break;
+ return false;
raw += consumed;
switch (tok) {
@@ -377,9 +377,11 @@ bool UniValue::read(const char *raw)
default:
return false;
}
- }
+ } while (!stack.empty ());
- if (stack.size() != 0)
+ /* Check that nothing follows the initial construct (parsed above). */
+ tok = getJsonToken(tokenVal, consumed, raw);
+ if (tok != JTOK_NONE)
return false;
return true;