diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | ext/json/parser/parser.c | 8 | ||||
-rw-r--r-- | ext/json/parser/parser.rl | 10 |
3 files changed, 14 insertions, 10 deletions
@@ -1,4 +1,8 @@ -Fri Dec 26 15:09:27 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> +Fri Dec 26 15:13:13 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * ext/json/parser/parser.rl (unescape_unicode): check if valid + before bit-or assignments. + reported by Denis Denisov <denji0k AT gmail.com>. * ext/nkf/nkf-utf8/nkf.c (nkf_iconv_t): fix a missing semicolon. reported by Denis Denisov <denji0k AT gmail.com>. diff --git a/ext/json/parser/parser.c b/ext/json/parser/parser.c index 560aa8977f..f9d0d193b6 100644 --- a/ext/json/parser/parser.c +++ b/ext/json/parser/parser.c @@ -28,16 +28,16 @@ static UTF32 unescape_unicode(const unsigned char *p) UTF32 result = 0; b = digit_values[p[0]]; if (b < 0) return UNI_REPLACEMENT_CHAR; - result = (result << 4) | b; + result = (result << 4) | (unsigned char)b; b = digit_values[p[1]]; - result = (result << 4) | b; if (b < 0) return UNI_REPLACEMENT_CHAR; + result = (result << 4) | (unsigned char)b; b = digit_values[p[2]]; - result = (result << 4) | b; if (b < 0) return UNI_REPLACEMENT_CHAR; + result = (result << 4) | (unsigned char)b; b = digit_values[p[3]]; - result = (result << 4) | b; if (b < 0) return UNI_REPLACEMENT_CHAR; + result = (result << 4) | (unsigned char)b; return result; } diff --git a/ext/json/parser/parser.rl b/ext/json/parser/parser.rl index 34e30f4868..3d7b5a65fb 100644 --- a/ext/json/parser/parser.rl +++ b/ext/json/parser/parser.rl @@ -26,16 +26,16 @@ static UTF32 unescape_unicode(const unsigned char *p) UTF32 result = 0; b = digit_values[p[0]]; if (b < 0) return UNI_REPLACEMENT_CHAR; - result = (result << 4) | b; + result = (result << 4) | (unsigned char)b; b = digit_values[p[1]]; - result = (result << 4) | b; if (b < 0) return UNI_REPLACEMENT_CHAR; + result = (result << 4) | (unsigned char)b; b = digit_values[p[2]]; - result = (result << 4) | b; if (b < 0) return UNI_REPLACEMENT_CHAR; + result = (result << 4) | (unsigned char)b; b = digit_values[p[3]]; - result = (result << 4) | b; if (b < 0) return UNI_REPLACEMENT_CHAR; + result = (result << 4) | (unsigned char)b; return result; } @@ -883,7 +883,7 @@ static VALUE cParser_quirks_mode_p(VALUE self) } -void Init_parser() +void Init_parser(void) { rb_require("json/common"); mJSON = rb_define_module("JSON"); |