search

SWI-Prolog / packages-http

The SWI-Prolog HTTP server and client libraries
23 stars 23 forks source link

Illegal JSON value allowed: - #147

Closed spl closed 3 years ago

spl commented 3 years ago

The http/json package reads "-" (a.k.a. minus, dash, hyphen) and successfully outputs the atom -:

$ swipl 
Welcome to SWI-Prolog (threaded, 64 bits, version 8.2.4)
SWI-Prolog comes with ABSOLUTELY NO WARRANTY. This is free software.
Please run ?- license. for legal details.

For online help and background, visit https://www.swi-prolog.org
For built-in help, use ?- help(Topic). or ?- apropos(Word).

?- use_module(library(http/json)).
true.

?- json:atom_json_dict("-", Result, []), Result = '-'.
Result =  (-).

I wonder if it is related to this clause in json_term_top:

https://github.com/SWI-Prolog/packages-http/blob/0b90c2055b748cc12a816a5a1fde554163105efe/json.pl#L309-L311

JanWielemaker commented 3 years ago

Thanks. Fixed with 8eb6900fab76b8ee8fa9bb4c4b58794f0f821d77. In fact, correct JSON documents are parsed correctly, but following - or 0 it was possible to get the parser to accept illegal JSON.

spl commented 3 years ago

Thanks!