From 4e157fc60dae5ca69933ea4c1585a2a078b4d957 Mon Sep 17 00:00:00 2001 From: "Wladimir J. van der Laan" Date: Wed, 3 Jun 2015 09:42:03 +0200 Subject: json: fail read_string if string contains trailing garbage Change `read_string` to fail when not the entire input has been consumed. This avoids unexpected, even dangerous behavior (fixes #6223). The new JSON parser adapted in #6121 also solves this problem so in master this is a temporary fix, but should be backported to older releases. Also adds tests for the new behavior. --- src/json/json_spirit_reader_template.h | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'src/json') diff --git a/src/json/json_spirit_reader_template.h b/src/json/json_spirit_reader_template.h index 46f5892f62..47e3c1ca84 100644 --- a/src/json/json_spirit_reader_template.h +++ b/src/json/json_spirit_reader_template.h @@ -521,12 +521,11 @@ namespace json_spirit const spirit_namespace::parse_info< Iter_type > info = spirit_namespace::parse( begin, end, - Json_grammer< Value_type, Iter_type >( semantic_actions ), + Json_grammer< Value_type, Iter_type >( semantic_actions ) >> spirit_namespace::end_p, spirit_namespace::space_p ); if( !info.hit ) { - assert( false ); // in theory exception should already have been thrown throw_error( info.stop, "error" ); } @@ -570,7 +569,8 @@ namespace json_spirit { typename String_type::const_iterator begin = s.begin(); - return read_range( begin, s.end(), value ); + bool success = read_range( begin, s.end(), value ); + return success && begin == s.end(); } template< class Istream_type > -- cgit v1.2.3