3 files changed, 14 insertions, 10 deletions

diff --git a/ChangeLog b/ChangeLog
index 74c5ee9ab6..4f6e6675b7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,8 @@
-Fri Dec 26 15:09:27 2014  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+Fri Dec 26 15:13:13 2014  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* ext/json/parser/parser.rl (unescape_unicode): check if valid
+	  before bit-or assignments.
+	  reported by Denis Denisov <denji0k AT gmail.com>.
 
 	* ext/nkf/nkf-utf8/nkf.c (nkf_iconv_t): fix a missing semicolon.
 	  reported by Denis Denisov <denji0k AT gmail.com>.
diff --git a/ext/json/parser/parser.c b/ext/json/parser/parser.c
index 560aa8977f..f9d0d193b6 100644
--- a/ext/json/parser/parser.c
+++ b/ext/json/parser/parser.c
@@ -28,16 +28,16 @@ static UTF32 unescape_unicode(const unsigned char *p)
     UTF32 result = 0;
     b = digit_values[p[0]];
     if (b < 0) return UNI_REPLACEMENT_CHAR;
-    result = (result << 4) | b;
+    result = (result << 4) | (unsigned char)b;
     b = digit_values[p[1]];
-    result = (result << 4) | b;
     if (b < 0) return UNI_REPLACEMENT_CHAR;
+    result = (result << 4) | (unsigned char)b;
     b = digit_values[p[2]];
-    result = (result << 4) | b;
     if (b < 0) return UNI_REPLACEMENT_CHAR;
+    result = (result << 4) | (unsigned char)b;
     b = digit_values[p[3]];
-    result = (result << 4) | b;
     if (b < 0) return UNI_REPLACEMENT_CHAR;
+    result = (result << 4) | (unsigned char)b;
     return result;
 }
 
diff --git a/ext/json/parser/parser.rl b/ext/json/parser/parser.rl
index 34e30f4868..3d7b5a65fb 100644
--- a/ext/json/parser/parser.rl
+++ b/ext/json/parser/parser.rl
@@ -26,16 +26,16 @@ static UTF32 unescape_unicode(const unsigned char *p)
     UTF32 result = 0;
     b = digit_values[p[0]];
     if (b < 0) return UNI_REPLACEMENT_CHAR;
-    result = (result << 4) | b;
+    result = (result << 4) | (unsigned char)b;
     b = digit_values[p[1]];
-    result = (result << 4) | b;
     if (b < 0) return UNI_REPLACEMENT_CHAR;
+    result = (result << 4) | (unsigned char)b;
     b = digit_values[p[2]];
-    result = (result << 4) | b;
     if (b < 0) return UNI_REPLACEMENT_CHAR;
+    result = (result << 4) | (unsigned char)b;
     b = digit_values[p[3]];
-    result = (result << 4) | b;
     if (b < 0) return UNI_REPLACEMENT_CHAR;
+    result = (result << 4) | (unsigned char)b;
     return result;
 }
 
@@ -883,7 +883,7 @@ static VALUE cParser_quirks_mode_p(VALUE self)
 }
 
 
-void Init_parser()
+void Init_parser(void)
 {
     rb_require("json/common");
     mJSON = rb_define_module("JSON");