--- JSON-XS/XS.xs 2008/03/27 06:37:35 1.84
+++ JSON-XS/XS.xs 2008/11/20 03:59:53 1.94
@@ -34,18 +34,9 @@
 #define F_CONV_BLESSED 0x00000800UL
 #define F_RELAXED 0x00001000UL
 #define F_ALLOW_UNKNOWN 0x00002000UL
-
-#define F_MAXDEPTH 0xf8000000UL
-#define S_MAXDEPTH 27
-#define F_MAXSIZE 0x01f00000UL
-#define S_MAXSIZE 20
 #define F_HOOK 0x00080000UL // some hooks exist, so slow-path processing
-#define DEC_DEPTH(flags) (1UL << ((flags & F_MAXDEPTH) >> S_MAXDEPTH))
-#define DEC_SIZE(flags) (1UL << ((flags & F_MAXSIZE ) >> S_MAXSIZE ))
-
 #define F_PRETTY F_INDENT | F_SPACE_BEFORE | F_SPACE_AFTER
-#define F_DEFAULT (9UL << S_MAXDEPTH)
 #define INIT_SIZE 32 // initial scalar size to be allocated
 #define INDENT_STEP 3 // spaces per indentation level
@@ -70,6 +61,8 @@
 ((unsigned type)((unsigned type)(val) - (unsigned type)(beg)) \
 <= (unsigned type)((unsigned type)(end) - (unsigned type)(beg)))
+#define ERR_NESTING_EXCEEDED "json text or perl structure exceeds maximum nesting level (max_depth set too low?)"
+
 #ifdef USE_ITHREADS
 # define JSON_SLOW 1
 # define JSON_STASH (json_stash ? json_stash : gv_stashpv ("JSON::XS", 1))
@@ -88,10 +81,13 @@
 INCR_M_JSON // outside anything, count nesting
 };
-#define INCR_DONE(json) (!(json)->incr_nest && (json)->incr_mode == INCR_M_JSON)
+#define INCR_DONE(json) ((json)->incr_nest <= 0 && (json)->incr_mode == INCR_M_JSON)
 typedef struct {
 U32 flags;
+ U32 max_depth;
+ STRLEN max_size;
+
 SV *cb_object;
 HV *cb_sk_object;
@@ -99,9 +95,16 @@
 SV *incr_text; // the source text so far
 STRLEN incr_pos; // the current offset into the text
 int incr_nest; // {[]}-nesting level
- int incr_mode;
+ unsigned char incr_mode;
 } JSON;
+INLINE void
+json_init (JSON *json)
+{
+ Zero (json, 1, JSON);
+ json->max_depth = 512;
+}
+
 /////////////////////////////////////////////////////////////////////////////
 // utility functions
@@ -120,6 +123,7 @@
 shrink (SV *sv)
 {
 sv_utf8_downgrade (sv, 1);
+
 if (SvLEN (sv) > SvCUR (sv) + 1)
 {
 #ifdef SvPV_shrink_to_cur
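Review bot: The new struct members `max_depth` and `max_size` in the `-88,10` hunk carry no comment, unlike the `incr_*` members below them, and their zero values mean opposite things. Later hunks treat `max_size == 0` as no limit (`offset > json->max_size && json->max_size`), while `max_depth == 0` makes `enc->indent >= enc->json.max_depth` true for the first array or hash. I would document that on the fields: `U32 max_depth; // maximum nesting level, 0 rejects any array or hash` and `STRLEN max_size; // maximum input size in bytes, 0 = unlimited`. The struct body continues into the following hunk.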
@@ -184,7 +188,6 @@
 SV *sv; // result scalar
 JSON json;
 U32 indent; // indentation level
- U32 maxdepth; // max. indentation/recursion level
 UV limit; // escape character values >= this value when encoding
 } enc_t;
@@ -193,7 +196,7 @@
 {
 if (expect_false (enc->cur + len >= enc->end))
 {
- STRLEN cur = enc->cur - SvPVX (enc->sv);
+ STRLEN cur = enc->cur - (char *)SvPVX (enc->sv);
 SvGROW (enc->sv, cur + len + 1);
 enc->cur = SvPVX (enc->sv) + cur;
 enc->end = SvPVX (enc->sv) + SvLEN (enc->sv) - 1;
@@ -279,14 +282,13 @@
 }
 else
 {
- static char hexdigit [16] = "0123456789abcdef";
 need (enc, len += 5);
 *enc->cur++ = '\\';
 *enc->cur++ = 'u';
- *enc->cur++ = hexdigit [ uch >> 12 ];
- *enc->cur++ = hexdigit [(uch >> 8) & 15];
- *enc->cur++ = hexdigit [(uch >> 4) & 15];
- *enc->cur++ = hexdigit [(uch >> 0) & 15];
+ *enc->cur++ = PL_hexdigit [ uch >> 12 ];
+ *enc->cur++ = PL_hexdigit [(uch >> 8) & 15];
+ *enc->cur++ = PL_hexdigit [(uch >> 4) & 15];
+ *enc->cur++ = PL_hexdigit [(uch >> 0) & 15];
 }
 str += clen;
@@ -367,8 +369,8 @@
 {
 int i, len = av_len (av);
- if (enc->indent >= enc->maxdepth)
- croak ("data structure too deep (hit recursion limit)");
+ if (enc->indent >= enc->json.max_depth)
+ croak (ERR_NESTING_EXCEEDED);
 encode_ch (enc, '[');
@@ -453,14 +455,14 @@
 {
 HE *he;
- if (enc->indent >= enc->maxdepth)
- croak ("data structure too deep (hit recursion limit)");
+ if (enc->indent >= enc->json.max_depth)
+ croak (ERR_NESTING_EXCEEDED);
 encode_ch (enc, '{');
 // for canonical output we have to sort by keys first
 // actually, this is mostly due to the stupid so-called
- // security workaround added somewhere in 5.8.x.
+ // security workaround added somewhere in 5.8.x
 // that randomises hash orderings
 if (enc->json.flags & F_CANONICAL)
 {
@@ -744,7 +746,6 @@
 enc.cur = SvPVX (enc.sv);
 enc.end = SvEND (enc.sv);
 enc.indent = 0;
- enc.maxdepth = DEC_DEPTH (enc.json.flags);
 enc.limit = enc.json.flags & F_ASCII ? 0x000080UL : enc.json.flags & F_LATIN1 ? 0x000100UL : 0x110000UL;
@@ -821,7 +822,7 @@
 ++dec->cur; \
 SE
-#define DEC_INC_DEPTH if (++dec->depth > dec->maxdepth) ERR ("json datastructure exceeds maximum nesting level (set a higher max_depth)")
+#define DEC_INC_DEPTH if (++dec->depth > dec->json.max_depth) ERR (ERR_NESTING_EXCEEDED)
 #define DEC_DEC_DEPTH --dec->depth
 static SV *decode_sv (dec_t *dec);
@@ -1411,12 +1412,34 @@
 STRLEN offset;
 SV *sv;
- SvGETMAGIC (string);
+ /* work around bugs in 5.10 where manipulating magic values
+ * will perl ignore the magic in subsequent accesses
+ */
+ /*SvGETMAGIC (string);*/
+ if (SvMAGICAL (string))
+ string = sv_2mortal (newSVsv (string));
+
 SvUPGRADE (string, SVt_PV);
- if (json->flags & F_MAXSIZE && SvCUR (string) > DEC_SIZE (json->flags))
+ /* work around a bug in perl 5.10, which causes SvCUR to fail an
+ * assertion with -DDEBUGGING, although SvCUR is documented to
+ * return the xpv_cur field which certainly exists after upgrading.
+ * according to nicholas clark, calling SvPOK fixes this.
+ * But it doesn't fix it, so try another workaround, call SvPV_nolen
+ * and hope for the best.
+ * Damnit, SvPV_nolen still trips over yet another assertion. This
+ * assertion business is seriously broken, try yet another workaround
+ * for the broken -DDEBUGGING.
+ */
+#ifdef DEBUGGING
+ offset = SvOK (string) ? sv_len (string) : 0;
+#else
+ offset = SvCUR (string);
+#endif
+
+ if (offset > json->max_size && json->max_size)
 croak ("attempted decode of JSON text of %lu bytes size, but max_size is set to %lu",
- (unsigned long)SvCUR (string), (unsigned long)DEC_SIZE (json->flags));
+ (unsigned long)SvCUR (string), (unsigned long)json->max_size);
 if (json->flags & F_UTF8)
 sv_utf8_downgrade (string, 0);
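Review bot: In the `-1411,12` hunk the `croak` arguments still read `SvCUR (string)` although the test above them uses `offset`, which under `DEBUGGING` is taken from `sv_len` precisely because, per the new comment, `SvCUR` trips an assertion there; the error path therefore goes back through the macro the workaround avoids. Passing `(unsigned long)offset` keeps the check and the message consistent. Separately, `newSVsv (string)` copies a magical input in full before the `max_size` test runs, so the limit does not bound that copy, which is worth stating in the comment. The body of decode_json starts and ends outside the hunk.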
@@ -1425,12 +1448,11 @@
 SvGROW (string, SvCUR (string) + 1); // should basically be a NOP
- dec.json = *json;
- dec.cur = SvPVX (string);
- dec.end = SvEND (string);
- dec.err = 0;
- dec.depth = 0;
- dec.maxdepth = DEC_DEPTH (dec.json.flags);
+ dec.json = *json;
+ dec.cur = SvPVX (string);
+ dec.end = SvEND (string);
+ dec.err = 0;
+ dec.depth = 0;
 if (dec.json.cb_object || dec.json.cb_sk_object)
 dec.json.flags |= F_HOOK;
@@ -1586,12 +1608,13 @@
 case '[':
 case '{':
- ++self->incr_nest;
+ if (++self->incr_nest > self->max_depth)
+ croak (ERR_NESTING_EXCEEDED);
 break;
 case ']':
 case '}':
- if (!--self->incr_nest)
+ if (--self->incr_nest <= 0)
 goto interrupt;
 }
 }
@@ -1641,8 +1664,7 @@
 {
 SV *pv = NEWSV (0, sizeof (JSON));
 SvPOK_only (pv);
- Zero (SvPVX (pv), 1, JSON);
- ((JSON *)SvPVX (pv))->flags = F_DEFAULT;
+ json_init ((JSON *)SvPVX (pv));
 XPUSHs (sv_2mortal (sv_bless ( newRV_noinc (pv), strEQ (klass, "JSON::XS") ? JSON_STASH : gv_stashpv (klass, 1)
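Review bot: In the `-1586,12` hunk `++self->incr_nest > self->max_depth` compares an `int` with a `U32`, so the counter is converted to unsigned before the test. The `<= 0` checks this commit adds (here and in `INCR_DONE`) suggest the counter is expected to be able to go negative; if it is ever below -1 when an opening bracket arrives, the incremented value compares as a very large number and the nesting croak fires misleadingly. A guard such as `if (++self->incr_nest > 0 && (U32)self->incr_nest > self->max_depth)` makes the intent explicit. The croak also leaves `incr_nest` incremented, so a comment that the object needs `incr_reset` before reuse would help; the enclosing switch and function extend beyond the hunk.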
@@ -1693,46 +1715,25 @@
 PPCODE:
 XPUSHs (boolSV (self->flags & ix));
-void max_depth (JSON *self, UV max_depth = 0x80000000UL)
+void max_depth (JSON *self, U32 max_depth = 0x80000000UL)
 PPCODE:
-{
- UV log2 = 0;
-
- if (max_depth > 0x80000000UL) max_depth = 0x80000000UL;
-
- while ((1UL << log2) < max_depth)
- ++log2;
-
- self->flags = self->flags & ~F_MAXDEPTH | (log2 << S_MAXDEPTH);
-
+ self->max_depth = max_depth;
 XPUSHs (ST (0));
-}
 U32 get_max_depth (JSON *self)
 CODE:
- RETVAL = DEC_DEPTH (self->flags);
+ RETVAL = self->max_depth;
 OUTPUT:
 RETVAL
-void max_size (JSON *self, UV max_size = 0)
+void max_size (JSON *self, U32 max_size = 0)
 PPCODE:
-{
- UV log2 = 0;
-
- if (max_size > 0x80000000UL) max_size = 0x80000000UL;
- if (max_size == 1) max_size = 2;
-
- while ((1UL << log2) < max_size)
- ++log2;
-
- self->flags = self->flags & ~F_MAXSIZE | (log2 << S_MAXSIZE);
-
+ self->max_size = max_size;
 XPUSHs (ST (0));
-}
 int get_max_size (JSON *self)
 CODE:
- RETVAL = DEC_SIZE (self->flags);
+ RETVAL = self->max_size;
 OUTPUT:
 RETVAL
@@ -1821,6 +1822,11 @@
 if (!INCR_DONE (self))
 {
 incr_parse (self);
+
+ if (self->incr_pos > self->max_size && self->max_size)
+ croak ("attempted decode of JSON text of %lu bytes size, but max_size is set to %lu",
+ (unsigned long)self->incr_pos, (unsigned long)self->max_size);
+
 if (!INCR_DONE (self))
 break;
 }
@@ -1859,6 +1865,16 @@
 }
 }
+void incr_reset (JSON *self)
+ CODE:
+{
+ SvREFCNT_dec (self->incr_text);
+ self->incr_text = 0;
+ self->incr_pos = 0;
+ self->incr_nest = 0;
+ self->incr_mode = 0;
+}
+
 void DESTROY (JSON *self)
 CODE:
 SvREFCNT_dec (self->cb_sk_object);
@@ -1873,7 +1889,9 @@
 encode_json = F_UTF8
 PPCODE:
 {
- JSON json = { F_DEFAULT | ix };
+ JSON json;
+ json_init (&json);
+ json.flags |= ix;
 XPUSHs (encode_json (scalar, &json));
 }
@@ -1883,7 +1901,9 @@
 decode_json = F_UTF8
 PPCODE:
 {
- JSON json = { F_DEFAULT | ix };
+ JSON json;
+ json_init (&json);
+ json.flags |= ix;
 XPUSHs (decode_json (jsonstr, &json, 0));
 }
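Review bot: In the `-1693,46` hunk `max_size` is now declared `U32` while the field it fills is `STRLEN` and zero means unlimited, so on a perl with 64-bit UVs a requested limit of 2**32 bytes (or a multiple) would presumably be truncated to 0 on conversion and silently switch the limit off. Declaring it `void max_size (JSON *self, UV max_size = 0)` avoids the wrap, and `int get_max_size` has the mirror problem for values above INT_MAX. The same narrowing applies to `max_depth`, where the old clamp to `0x80000000UL` was removed; a wrapped value of 0 there makes every nested structure croak.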
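Review bot: In the `-1821,6` hunk the limit is tested against `incr_pos` only after `incr_parse` has run, so it bounds how far the scanner has advanced rather than how much text is already held in `incr_text`; as far as this hunk shows, the buffer can exceed `max_size` before the croak. Checking the buffered length before the `incr_parse` call would reject oversized input earlier, assuming `incr_text` is a plain PV at that point. The croak also leaves `incr_text`, `incr_pos` and `incr_nest` untouched, so I would add a comment such as `/* state is kept on error, callers must use incr_reset before reusing the object */`. The enclosing loop begins and ends outside the hunk.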