decode doesn't properly handle escaped slashes ("\/")

Bug #1487243 reported by klauss
This bug affects 1 person
Affects: python-cjson (Ubuntu); Status: New; Importance: Undecided; Assigned to: Unassigned

Bug Description

According to the JSON specs, slashes can be encoded by using the escape sequence \/, but PyString_DecodeEscape doesn't handle that particular escape sequence, so valid JSON is decoded incorrectly.

Just try:

>>> import cjson, json
>>> cjson.decode(r'{"a":"image\/jpeg"}')
{'a': 'image\\/jpeg'}
>>> json.loads(r'{"a":"image\/jpeg"}')
{u'a': u'image/jpeg'}
>>>

The attached patch solves the issue efficiently for strings shorter than 16K (a safety thing: we don't want huge arrays on the stack, and our own use of cjson rarely ever handles strings longer than that). It won't die on strings larger than 16K (it simply won't decode the slashes), so I believe it's safe enough.

It would be simple enough to provide a path for the case of strings longer than 16K by using malloc instead of alloca in those particular cases. The trick would lie in making sure there was no memory leak in that case.

Tags: patch
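An added example, not the attached patch and not python-cjson code: one way to structure the malloc fallback the report mentions, with a single exit path so the heap buffer is always freed. All names (unescape_slashes, decode_body, consume_fn, to_cstr, demo) are hypothetical, the callback stands in for the call to PyString_DecodeEscape, and a fixed stack array is used in place of alloca.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STACK_LIMIT 16384 /* the 16K threshold from the report */

/* Rewrite the JSON escape \/ as /. Escapes are consumed as pairs, so the
 * slash in \\/ is left alone; other escapes pass through to the decoder. */
static size_t unescape_slashes(const char *src, size_t len, char *dst) {
    size_t i, o = 0;
    for (i = 0; i < len; i++) {
        if (src[i] == '\\' && i + 1 < len && src[++i] != '/')
            dst[o++] = '\\'; /* keep the backslash of any other escape */
        dst[o++] = src[i];
    }
    return o; /* never larger than len */
}

/* Assumed stand-in for the escape decoder that receives the scratch buffer. */
typedef size_t (*consume_fn)(const char *buf, size_t len, void *ctx);

/* Hypothetical wrapper: stack scratch up to STACK_LIMIT, heap above it.
 * A single exit path frees the heap buffer, so neither branch leaks. */
static long decode_body(const char *src, size_t len, consume_fn fn, void *ctx) {
    char stackbuf[STACK_LIMIT];
    char *buf = stackbuf;
    if (len > STACK_LIMIT && (buf = malloc(len)) == NULL)
        return -1; /* allocation failed: nothing was allocated, nothing to free */
    long rc = (long)fn(buf, unescape_slashes(src, len, buf), ctx);
    if (buf != stackbuf)
        free(buf);
    return rc;
}

static char out[64]; /* constructed demo sink */
static size_t to_cstr(const char *buf, size_t len, void *ctx) {
    size_t n = len < 63 ? len : 63;
    memcpy(ctx, buf, n);
    ((char *)ctx)[n] = '\0';
    return len;
}
static const char *demo(const char *s) {
    decode_body(s, strlen(s), to_cstr, out);
    return out;
}
int main(void) {
    puts(demo("image\\/jpeg")); /* constructed input: image\/jpeg */
    return 0;
}
```

Consuming escapes in pairs is what keeps a sequence such as \\/ (an escaped backslash followed by a plain slash) intact, which a plain search-and-replace of \/ would corrupt.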
klauss (klaussfreire) wrote :
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "Manually decode \/ prior to building a string with PyString_X()" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

tags: added: patch