webmcp

changeset 201:1a10fef86d97

Added type checks to C functions of JSON library to avoid crashes due to wrong arguments
author jbe
date Thu Aug 14 05:18:20 2014 +0200 (2014-08-14)
parents 035b58aa430a
children eceb6f56e9ed
files libraries/json/json.c
line diff
     1.1 --- a/libraries/json/json.c	Thu Aug 14 01:11:24 2014 +0200
     1.2 +++ b/libraries/json/json.c	Thu Aug 14 05:18:20 2014 +0200
     1.3 @@ -818,6 +818,8 @@
     1.4  
     1.5  // returns the length of a JSON array (or zero for a table without numeric keys):
     1.6  static int json_len(lua_State *L) {
     1.7 +  // require table as first argument:
     1.8 +  luaL_checktype(L, 1, LUA_TTABLE);
     1.9    // stack shall contain one function argument:
    1.10    lua_settop(L, 1);
    1.11    // push shadow table or nil onto stack:
    1.12 @@ -831,6 +833,8 @@
    1.13  
    1.14  // __index metamethod for JSON objects and JSON arrays:
    1.15  static int json_index(lua_State *L) {
    1.16 +  // require table as first argument:
    1.17 +  luaL_checktype(L, 1, LUA_TTABLE);
    1.18    // stack shall contain two function arguments:
    1.19    lua_settop(L, 2);
    1.20    // replace first argument with its shadow table
    1.21 @@ -848,6 +852,8 @@
    1.22  
    1.23  // __newindex metamethod for JSON objects and JSON arrays:
    1.24  static int json_newindex(lua_State *L) {
    1.25 +  // require table as first argument
    1.26 +  luaL_checktype(L, 1, LUA_TTABLE);
    1.27    // stack shall contain three function arguments:
    1.28    lua_settop(L, 3);
    1.29    // replace first argument with its shadow table
    1.30 @@ -863,6 +869,8 @@
    1.31  
    1.32  // function returned as first value by json_pairs function:
    1.33  static int json_pairs_iterfunc(lua_State *L) {
    1.34 +  // require table as first argument
    1.35 +  luaL_checktype(L, 1, LUA_TTABLE);
    1.36    // stack shall contain two function arguments:
    1.37    lua_settop(L, 2);
    1.38    // get next key value pair from shadow table (argument 1) using previous key (argument 2)
    1.39 @@ -880,8 +888,8 @@
    1.40  // returns a triple such that 'for key, value in pairs(obj) do ... end'
    1.41  // iterates through all key value pairs (including JSON null values represented as Lua nil):
    1.42  static int json_pairs(lua_State *L) {
    1.43 -  // require one argument to function
    1.44 -  luaL_checkany(L, 1);
    1.45 +  // require table as first argument
    1.46 +  luaL_checktype(L, 1, LUA_TTABLE);
    1.47    // return triple of function json_pairs_iterfunc, shadow table of first argument, and nil:
    1.48    lua_pushcfunction(L, json_pairs_iterfunc);
    1.49    json_getshadow(L, 1);
    1.50 @@ -893,6 +901,8 @@
    1.51  // function returned as first value by json_ipairs function:
    1.52  static int json_ipairs_iterfunc(lua_State *L) {
    1.53    lua_Integer idx;
    1.54 +  // require table as first argument
    1.55 +  luaL_checktype(L, 1, LUA_TTABLE);
    1.56    // stack shall contain two function arguments:
    1.57    lua_settop(L, 2);
    1.58    // calculate new index by incrementing second argument:
    1.59 @@ -913,8 +923,8 @@
    1.60  // returns a triple such that 'for idx, value in ipairs(ary) do ... end'
    1.61  // iterates through all values (including JSON null values represented as Lua nil):
    1.62  static int json_ipairs(lua_State *L) {
    1.63 -  // require one argument to function
    1.64 -  luaL_checkany(L, 1);
    1.65 +  // require table as first argument
    1.66 +  luaL_checktype(L, 1, LUA_TTABLE);
    1.67    // return triple of function json_ipairs_iterfunc, shadow table of first argument, and zero:
    1.68    lua_pushcfunction(L, json_ipairs_iterfunc);
    1.69    json_getshadow(L, 1);

Impressum / About Us