From 17f163e6c188e5763535e3c22edd256c6994e297 Mon Sep 17 00:00:00 2001 From: Luke Rodgers Date: Sun, 2 Jun 2019 21:05:34 -0400 Subject: [PATCH] Do not permit leading zeros in JSON numbers, as per RFC 8259 --- packages/json/_test.pony | 8 ++++++++ packages/json/json_doc.pony | 9 ++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/packages/json/_test.pony b/packages/json/_test.pony index 885d326fa9..596029101f 100644 --- a/packages/json/_test.pony +++ b/packages/json/_test.pony @@ -80,6 +80,9 @@ class iso _TestParseNumber is UnitTest doc.parse("0")? h.assert_eq[I64](0, doc.data as I64) + doc.parse("-0")? + h.assert_eq[I64](0, doc.data as I64) + doc.parse("13")? h.assert_eq[I64](13, doc.data as I64) @@ -110,6 +113,11 @@ class iso _TestParseNumber is UnitTest h.assert_error({() ? => JsonDoc.parse("1.-3")? }) h.assert_error({() ? => JsonDoc.parse("1e")? }) + // RFC 8259 does not permit leading zeros + h.assert_error({() ? => JsonDoc.parse("01")? }) + h.assert_error({() ? => JsonDoc.parse("-01")? }) + h.assert_error({() ? => JsonDoc.parse("-012")? }) + class iso _TestParseString is UnitTest """ Test Json parsing of strings. diff --git a/packages/json/json_doc.pony b/packages/json/json_doc.pony index ba7e5873ca..b3c2b19e0e 100644 --- a/packages/json/json_doc.pony +++ b/packages/json/json_doc.pony @@ -116,13 +116,20 @@ class JsonDoc _get_char()? // Consume - end + let leading_zero = _peek_char()? == '0' + var frac: I64 = 0 var frac_digits: U8 = 0 var exp: I64 = 0 var exp_digits: U8 = 0 // Start with integer part - (let int, _) = _parse_decimal()? + (let int, let int_digits) = _parse_decimal()? + + if (int_digits > 1) and (leading_zero == true) then + _error("Leading 0 not permitted") + error + end if _peek_char()? == '.' then // We have a . so expect a fractional part