Skip to content

Commit

Permalink
implode: Better invalid input validation and handling
Browse files Browse the repository at this point in the history
Error on non-number codepoint, asserted before
Replace negative codepoint and surrogate range with unicode replacement character, asserted before

Fixes #1160
  • Loading branch information
wader committed Jul 24, 2023
1 parent 98f709d commit 77dba74
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 2 deletions.
11 changes: 11 additions & 0 deletions src/builtin.c
Original file line number Diff line number Diff line change
Expand Up @@ -1201,9 +1201,20 @@ static jv f_string_indexes(jq_state *jq, jv a, jv b) {
}

static jv f_string_implode(jq_state *jq, jv a) {
int i;
int len;
if (jv_get_kind(a) != JV_KIND_ARRAY) {
return ret_error(a, jv_string("implode input must be an array"));
}
len = jv_array_length(jv_copy(a));
for (i = 0; i < len; i++) {
jv n = jv_array_get(jv_copy(a), i);
if (jv_get_kind(n) != JV_KIND_NUMBER) {
jv_free(a);
return type_error(n, "codepoint must be a number");
}
}

return jv_string_implode(a);
}

Expand Down
3 changes: 2 additions & 1 deletion src/jv.c
Original file line number Diff line number Diff line change
Expand Up @@ -1362,7 +1362,8 @@ jv jv_string_implode(jv j) {
assert(JVP_HAS_KIND(n, JV_KIND_NUMBER));
int nv = jv_number_value(n);
jv_free(n);
if (nv > 0x10FFFF)
// outside codepoint range or in utf16 surrogate pair range
if (nv < 0 || nv > 0x10FFFF || (nv >= 0xD800 && nv <= 0xDFFF))
nv = 0xFFFD; // U+FFFD REPLACEMENT CHARACTER
s = jv_string_append_codepoint(s, nv);
}
Expand Down
1 change: 1 addition & 0 deletions src/jv.h
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,7 @@ jv jv_number(double);
jv jv_number_with_literal(const char*);
double jv_number_value(jv);
int jv_is_integer(jv);
int jvp_number_is_nan(jv);

int jv_number_has_literal(jv n);
const char* jv_number_get_literal(jv);
Expand Down
1 change: 0 additions & 1 deletion src/jv_type_private.h
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,5 @@
#define JV_TYPE_PRIVATE

int jvp_number_cmp(jv, jv);
int jvp_number_is_nan(jv);

#endif //JV_TYPE_PRIVATE
12 changes: 12 additions & 0 deletions tests/jq.test
Original file line number Diff line number Diff line change
Expand Up @@ -1834,3 +1834,15 @@ null
debug
1
1


# explode/implode
# test replacement character (65533) for outside codepoint range and 0xd800 (55296) - 0xdfff (57343) utf16 surrogate pair range
# 1.1 and 1.9 to test round down of non-ints
implode|explode
[-1,0,1,2,3,1114111,1114112,55295,55296,57343,57344,1.1,1.9]
[65533,0,1,2,3,1114111,65533,55295,65533,65533,57344,1,1]

map(try implode catch .)
[123,["a"],[nan]]
["implode input must be an array","string (\"a\") codepoint must be a number","number (null) codepoint must be a number"]

0 comments on commit 77dba74

Please sign in to comment.