mirror of
https://github.com/golang/go
synced 2024-11-05 18:46:11 -07:00
encoding/json: validate strings when decoding into Number
Unmarshaling a string into a json.Number should first check that the string is a valid Number.
If not, we should fail without decoding it.
Fixes #14702
Change-Id: I286178e93df74ad63c0a852c3f3489577072cf47
GitHub-Last-Rev: fe69bb68ee
GitHub-Pull-Request: golang/go#34272
Reviewed-on: https://go-review.googlesource.com/c/go/+/195045
Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
Run-TryBot: Daniel Martí <mvdan@mvdan.cc>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This commit is contained in:
parent
0e0bff840e
commit
c1000c500c
@ -949,6 +949,9 @@ func (d *decodeState) literalStore(item []byte, v reflect.Value, fromQuoted bool
|
|||||||
}
|
}
|
||||||
v.SetBytes(b[:n])
|
v.SetBytes(b[:n])
|
||||||
case reflect.String:
|
case reflect.String:
|
||||||
|
if v.Type() == numberType && !isValidNumber(string(s)) {
|
||||||
|
return fmt.Errorf("json: invalid number literal, trying to unmarshal %q into Number", item)
|
||||||
|
}
|
||||||
v.SetString(string(s))
|
v.SetString(string(s))
|
||||||
case reflect.Interface:
|
case reflect.Interface:
|
||||||
if v.NumMethod() == 0 {
|
if v.NumMethod() == 0 {
|
||||||
|
@ -949,6 +949,37 @@ var unmarshalTests = []unmarshalTest{
|
|||||||
Offset: 29,
|
Offset: 29,
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
// #14702
|
||||||
|
{
|
||||||
|
in: `invalid`,
|
||||||
|
ptr: new(Number),
|
||||||
|
err: &SyntaxError{
|
||||||
|
msg: "invalid character 'i' looking for beginning of value",
|
||||||
|
Offset: 1,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
in: `"invalid"`,
|
||||||
|
ptr: new(Number),
|
||||||
|
err: fmt.Errorf("json: invalid number literal, trying to unmarshal %q into Number", `"invalid"`),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
in: `{"A":"invalid"}`,
|
||||||
|
ptr: new(struct{ A Number }),
|
||||||
|
err: fmt.Errorf("json: invalid number literal, trying to unmarshal %q into Number", `"invalid"`),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
in: `{"A":"invalid"}`,
|
||||||
|
ptr: new(struct {
|
||||||
|
A Number `json:",string"`
|
||||||
|
}),
|
||||||
|
err: fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into json.Number", `invalid`),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
in: `{"A":"invalid"}`,
|
||||||
|
ptr: new(map[string]Number),
|
||||||
|
err: fmt.Errorf("json: invalid number literal, trying to unmarshal %q into Number", `"invalid"`),
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestMarshal(t *testing.T) {
|
func TestMarshal(t *testing.T) {
|
||||||
|
Loading…
Reference in New Issue
Block a user