# HG changeset patch # User jbe # Date 1407986300 -7200 # Node ID 1a10fef86d97d6d5550bc81e225987df2fd51780 # Parent 035b58aa430a39af02fbde0b439ba2d35b9942e2 Added type checks to C functions of JSON library to avoid crashes due to wrong arguments diff -r 035b58aa430a -r 1a10fef86d97 libraries/json/json.c --- a/libraries/json/json.c Thu Aug 14 01:11:24 2014 +0200 +++ b/libraries/json/json.c Thu Aug 14 05:18:20 2014 +0200 @@ -818,6 +818,8 @@ // returns the length of a JSON array (or zero for a table without numeric keys): static int json_len(lua_State *L) { + // require table as first argument: + luaL_checktype(L, 1, LUA_TTABLE); // stack shall contain one function argument: lua_settop(L, 1); // push shadow table or nil onto stack: @@ -831,6 +833,8 @@ // __index metamethod for JSON objects and JSON arrays: static int json_index(lua_State *L) { + // require table as first argument: + luaL_checktype(L, 1, LUA_TTABLE); // stack shall contain two function arguments: lua_settop(L, 2); // replace first argument with its shadow table @@ -848,6 +852,8 @@ // __newindex metamethod for JSON objects and JSON arrays: static int json_newindex(lua_State *L) { + // require table as first argument + luaL_checktype(L, 1, LUA_TTABLE); // stack shall contain three function arguments: lua_settop(L, 3); // replace first argument with its shadow table @@ -863,6 +869,8 @@ // function returned as first value by json_pairs function: static int json_pairs_iterfunc(lua_State *L) { + // require table as first argument + luaL_checktype(L, 1, LUA_TTABLE); // stack shall contain two function arguments: lua_settop(L, 2); // get next key value pair from shadow table (argument 1) using previous key (argument 2) @@ -880,8 +888,8 @@ // returns a triple such that 'for key, value in pairs(obj) do ... end' // iterates through all key value pairs (including JSON null values represented as Lua nil): static int json_pairs(lua_State *L) { - // require one argument to function - luaL_checkany(L, 1); + // require table as first argument + luaL_checktype(L, 1, LUA_TTABLE); // return triple of function json_pairs_iterfunc, shadow table of first argument, and nil: lua_pushcfunction(L, json_pairs_iterfunc); json_getshadow(L, 1); @@ -893,6 +901,8 @@ // function returned as first value by json_ipairs function: static int json_ipairs_iterfunc(lua_State *L) { lua_Integer idx; + // require table as first argument + luaL_checktype(L, 1, LUA_TTABLE); // stack shall contain two function arguments: lua_settop(L, 2); // calculate new index by incrementing second argument: @@ -913,8 +923,8 @@ // returns a triple such that 'for idx, value in ipairs(ary) do ... end' // iterates through all values (including JSON null values represented as Lua nil): static int json_ipairs(lua_State *L) { - // require one argument to function - luaL_checkany(L, 1); + // require table as first argument + luaL_checktype(L, 1, LUA_TTABLE); // return triple of function json_ipairs_iterfunc, shadow table of first argument, and zero: lua_pushcfunction(L, json_ipairs_iterfunc); json_getshadow(L, 1);