Commit 9be5895

Issue 1182: Fix fuzzing bug (open-source-parsers#1183)
This patch fixes a fuzzing bug by resolving a bad fallthrough in the setComment logic. The result is that we get a proper error instead of an assert, making the library friendlier to use and less likely to cause issues for consumers.

See related Chromium project bug: https://bugs.chromium.org/p/chromium/issues/detail?id=989851

Issue: 1182
1 parent 6aba23f commit 9be5895

2 files changed

+6
-2
lines changed

src/lib_json/json_reader.cpp

Lines changed: 5 additions & 2 deletions
@@ -1175,8 +1175,11 @@ bool OurReader::readToken(Token& token) {
11751175
if (features_.allowSingleQuotes_) {
11761176
token.type_ = tokenString;
11771177
ok = readStringSingleQuote();
1178-
break;
1179-
} // else fall through
1178+
} else {
1179+
// If we don't allow single quotes, this is a failure case.
1180+
ok = false;
1181+
}
1182+
break;
11801183
case '/':
11811184
token.type_ = tokenComment;
11821185
ok = readComment();
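Review bot: the new `else` branch sets `ok = false` but leaves `token.type_` untouched, so the caller must treat `ok == false` as an error regardless of whatever `type_` held before this `case`; that handling lies outside the hunk, so it is worth confirming the remainder of `readToken` converts a false `ok` into an error token unconditionally. The fix itself is sound: the removed `// else fall through` let a leading `'` drop into `case '/'`, where `token.type_ = tokenComment` and `readComment()` would run on input that never was a comment, which matches the setComment assert the commit message describes. Moving the `break` out of the `if` so both branches leave the `switch` closes that path; a one-line comment above the `if` noting that single quotes are rejected unless `allowSingleQuotes_` is set would make the intent visible to the next reader without needing the history.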

test/data/fail_invalid_quote.json

Lines changed: 1 addition & 0 deletions
@@ -0,0 +1 @@
1+
{'//this is bad JSON.'}
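Review bot: this fixture only exercises the default configuration where `allowSingleQuotes_` is off, which is the path that previously fell through into the comment reader; that is the right case to pin down, since the `'//` prefix is exactly what reached `readComment()` before. The `fail_` prefix presumably makes the existing runner expect a parse failure (the runner is not part of this change, so that is an assumption), so it is worth checking that the runner reports a clean error rather than treating an abort as a pass. Consider also a matching fixture under the single-quote-enabled reader so the `if` branch, which still breaks early, stays covered after the restructuring.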
