Bug: wrong validation if "additionalProperties" has boolean value false

[danipindado]

there is a bug in how additionalProperties is handled.
additionalProperties = false, ensures that no properties other than those defined in properties or patternProperties are allowed, see draft-4 spec.

Therefore, if additionalProperties s false, All required properties must be defined in either properties or patternProperties.

this is not the case.

see this example:

{
  "$schema": "https://json-schema.org/draft-04/schema",
  "title": "Example Schema",
  "description": "A generic schema with four properties",
  "type": "object",
  "properties": {
    "propertyOneTypo": {
      "type": "string",
      "description": "A string property"
    },
    "propertyTwo": {
      "type": "number",
      "description": "A number property"
    },
    "propertyThree": {
      "type": "boolean",
      "description": "A boolean property"
    },
    "propertyFour": {
      "type": "array",
      "items": {
        "type": "string"
      },
      "description": "An array of strings"
    }
  },
  "required": ["propertyOne", "propertyTwo", "propertyThree", "propertyFour"],
  "additionalProperties": false
}

{
  "propertyOne": "example string",
  "propertyTwo": 42,
  "propertyThree": true,
  "propertyFour": ["item1", "item2", "item3"]
}

the json input file has a property called "propertyOne". this property is neither defined in properties or patternProperties. the verification should fail. but it does not.

valijson 0.6 triggers an error when using the web based live demo

Error validating JSON schema:
Error #0
  context: <root>
  message: Object contains a property that could not be validated using 'properties' or 'additionalProperties' constraints: 'propertyOne'.

validation fails in vscode json schema validator too.
and also in the the validator here:
https://www.jsonschemavalidator.net/s/rHhkxQRh

rapidjson considers the file as valid.

[danipindado]

i have checked out current head and i can reproduce the problem with unittest by inserting this test case in required.json,

    {
        "description": "bug: required properties mess up with additionalProperties handling",
        "schema": {
            "properties": {
                "A": {},
                "B": {}
            },
            "required": ["B","C"],
            "additionalProperties": false
        },
        "tests": [
            {
                "description": "invalid due to missing C",
                "data": {"A": 1,"B": 1},
                "valid": false
            },
            {
                "description": "invalid due to presence of C and additionalProperties == false",
                "data": {"B": 1,"C": 1},
                "valid": false
            }
        ]
    }

Fail: jsonschema/tests/draft4/required.json "bug: required properties mess up with additionalProperties handling" "invalid due to presence of C and additionalProperties == false"

i think the problem has to do with how properties_ array is built during schema parsing here.
required properties are added to the same array, and, later, they are flagged as required.

the function FindePropertyIndex which is used to see if additional properties have been added, checks the entire properties_ array. it does not check if originally the property was part of "properties" or "required". and this is the problem. because according spec, only "properties" and "patternProperties" are relevant for "additionalProperties" handling.

one would need maybe an additional member in the Property class to see if the property was originally in "properties" object.