search

redballoonsecurity / ofrak

OFRAK: unpack, modify, and repack binaries.
https://ofrak.com
Other
1.87k stars 127 forks source link

Ghidra Server JSON Parsing does not escape control characters. #247

Open dannyp303 opened 1 year ago

dannyp303 commented 1 year ago

The JSON Implementation in the ofrak_ghidra components does not consider control characters in JSON output.

In my case, attempting to send string data recovered from a binary with newline (\n) characters produces: json.decoder.JSONDecodeError: Invalid control character at: line 1 column 31 (char 30)

Ghidra has it's own JSON parser with about zero documentation: https://ghidra.re/ghidra_docs/api/generic/json/JSONParser.html

And only some people using it to parse json, not construct one: https://github.com/NationalSecurityAgency/ghidra/issues/1982

rbs-jacob commented 1 year ago

So, to be clear, the issue is that the Java components emit JSON without escaping strings in the generated JSON, right? I want to clarify that we're talking about generating JSON and not parsing it so I can be sure I'm thinking about this right.

If so, a band-aid sort of fix is probably something like this (modified based on this):

return s.replace("\\", "\\\\")   // Must escape slash first
        .replace("/", "\\/")
        .replace("\t", "\\t")
        .replace("\b", "\\b")
        .replace("\n", "\\n")
        .replace("\r", "\\r")
        .replace("\f", "\\f")
        .replace("\"", "\\\"");