search

brianmario / yajl-ruby

A streaming JSON parsing and encoding library for Ruby (C bindings to yajl)
http://rdoc.info/projects/brianmario/yajl-ruby
MIT License
1.48k stars 169 forks source link

Fix parsing bad surrogate trailers #177

Closed brianmario closed 6 years ago

brianmario commented 6 years ago

If a valid surrogate character escape is found and the following byte sequence isn't a valid unicode escape sequence, insert our replacement character '?' as we would any other place we saw invalid characters while unescaping.

In general, this default case from this switch should be treated as seeing an invalid character in the sequence. So we should replace it with our replacement character instead of blowing up.

This fix should be applied upstream on yajl itself as well, but I'm starting here since that's where the original issue was reported and we have a patched yajl embedded anyway.

Fixes #176

brianmario commented 6 years ago

Closing this as it's the wrong fix. Proper fix incoming.

brianmario commented 6 years ago

Proper fix over at https://github.com/brianmario/yajl-ruby/pull/178