tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto-sanitize data before en-/decoding JSON

This commit is contained in:
Alexander A. Klimov 2019-03-15 09:30:22 +01:00
parent 9daca0b216
commit 2a05b46431
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lib/base/json.cpp
View File

@ -7,6 +7,7 @@
#include "base/array.hpp"
#include "base/objectlock.hpp"
#include "base/convert.hpp"
#include "base/utility.hpp"
#include <bitset>
#include <boost/exception_ptr.hpp>
#include <cstdint>
@ -104,7 +105,7 @@ void EncodeNamespace(JsonEncoder<prettyPrint>& stateMachine, const Namespace::Pt
ObjectLock olock(ns);
for (const Namespace::Pair& kv : ns) {
stateMachine.Key(kv.first);
stateMachine.Key(Utility::ValidateUTF8(kv.first));
Encode(stateMachine, kv.second->Get());
}
@ -119,7 +120,7 @@ void EncodeDictionary(JsonEncoder<prettyPrint>& stateMachine, const Dictionary::
ObjectLock olock(dict);
for (const Dictionary::Pair& kv : dict) {
stateMachine.Key(kv.first);
stateMachine.Key(Utility::ValidateUTF8(kv.first));
Encode(stateMachine, kv.second);
}
@ -153,7 +154,7 @@ void Encode(JsonEncoder<prettyPrint>& stateMachine, const Value& value)
break;
case ValueString:
stateMachine.Strng(value.Get<String>());
stateMachine.Strng(Utility::ValidateUTF8(value.Get<String>()));
break;
case ValueObject:
@ -215,9 +216,11 @@ String icinga::JsonEncode(const Value& value, bool pretty_print)
Value icinga::JsonDecode(const String& data)
{
String sanitized (Utility::ValidateUTF8(data));
JsonSax stateMachine;
nlohmann::json::sax_parse(data.Begin(), data.End(), &stateMachine);
nlohmann::json::sax_parse(sanitized.Begin(), sanitized.End(), &stateMachine);
return stateMachine.GetResult();
}