* Fix memleak when parsing key with embedded null byte
This commit fixes and adds a test for a memory leak that occurs when
parsing strings with keys that have a null byte embedded in them.
This memory leak can be triggered with the following line, where this
call returns a `NULL`:
```c
json_parse_string("{\"\\u0000\"")
```
This memory leak happens in the `parse_object_value` function in here:
```
new_key = get_quoted_string(string, &key_len); <---- ALLOCATION
/* We do not support key names with embedded \0 chars */
if (new_key == NULL || key_len != strlen(new_key)) {
json_value_free(output_value);
return NULL; <---- `new_key` NOT FREED
}
SKIP_WHITESPACES(string);
if (**string != ':') {
parson_free(new_key);
json_value_free(output_value);
return NULL;
}
```
* Increments version to 1.1.2
Co-authored-by: Krzysztof Gabis <kgabis@gmail.com>
* Update parson.c
Get objects by index instead of key in json_serialize_to_buffer_r().
* Increments version and updates licence date.
Co-authored-by: Krzysztof Gabis <kgabis@gmail.com>
* Add support for strings with \0 chars
* address feedback
* Increments minor version, adds comments, changes license year
Co-authored-by: Krzysztof Gabis <kgabis@gmail.com>
SPDX-License-Identifier is useful to clarify the license (both for humans and
machines), especially when the code of the project is embedded into other
projects.
ref: https://spdx.org/using-spdx-license-identifier
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Some libraries don't have sscanf and since it wasn't used heavily it was easily replaced with a custom function. This doesn't mean that sscanf won't be used in future though (but I'll try to avoid it).
Fixes#68. Thanks to @compulim for initial work on this issue.
According to RFC 7159 it's now valid to accept json texts that are not object or arrays.
Also reordered realloc opeartion in json_object_add to not be called if key already exists.
json_parse_value_with_comments and json_parse_string_with_comments replace comments with whitespaces before parsing. Supported comments are: /* */ and //
Details:
- Increased STARTING_CAPACITY from 10 to 15.
- Added 2 macros: skip_char and skip_whitespaces.
- Added json_object_nget_value function, which removes neccessity to allocate new string when using dotget functions.
- Removed parson_strdup function, it was called only once and could be easilly replaced with appropriate call to parson_strndup.
- Renamed skip_string to skip_quotes, which is a more appropriate name, and made it work on a passed pointer to a string, which is much like skip_char and skip_whitespaces.
- Removed copy_and_remove_whitespaces, it was unncessary, and could be easily replaced with skip_whitepsaces macro.
- Merged parse_escaped_characters and get_string to get_processed_string, which makes more sense.
- Changed is_decimal implementation, to avoid unncessary string duplicating.
- Removed string copying in parse_number value and json_parse_string, since it was unncessary.
