Mirror/TrinityCore
1
0
Fork 0
mirror of https://github.com/TrinityCore/TrinityCore.git synced 2026-01-18 00:18:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Core/JSON: Prevent out of bounds memory accesses in json deserialization

Browse Source
This commit is contained in:
Shauren
2024-11-13 00:24:39 +01:00
parent 4e551741cf
commit e8d949c794
2 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/server/shared/JSON/ProtobufJSON.cpp
View File

@@ -20,9 +20,8 @@
#include "Log.h"
#include "StringFormat.h"
#include <google/protobuf/message.h>
#include <rapidjson/writer.h>
#include <rapidjson/reader.h>
#include <rapidjson/stringbuffer.h>
#include <rapidjson/writer.h>
#include <stack>
class Serializer
@@ -188,7 +187,7 @@ class Deserializer : public rapidjson::BaseReaderHandler<rapidjson::UTF8<>, Dese
public:
bool ReadMessage(std::string const& json, google::protobuf::Message* message);
bool Key(const Ch* str, rapidjson::SizeType length, bool copy);
bool Key(Ch const* str, rapidjson::SizeType length, bool copy);
bool Null();
bool Bool(bool b);
bool Int(int32 i);
@@ -196,7 +195,7 @@ public:
bool Int64(int64 i);
bool Uint64(uint64 i);
bool Double(double d);
bool String(const Ch* str, rapidjson::SizeType length, bool copy);
bool String(Ch const* str, rapidjson::SizeType length, bool copy);
bool StartObject();
bool EndObject(rapidjson::SizeType memberCount);
bool StartArray();
@@ -215,18 +214,19 @@ private:
bool Deserializer::ReadMessage(std::string const& json, google::protobuf::Message* message)
{
rapidjson::StringStream ss(json.c_str());
rapidjson::MemoryStream ms(json.data(), json.length());
rapidjson::EncodedInputStream<rapidjson::UTF8<>, rapidjson::MemoryStream> is(ms);
_objectState.push(message);
rapidjson::ParseResult result = _reader.Parse(ss, *this);
rapidjson::ParseResult result = _reader.Parse(is, *this);
ASSERT(result.IsError() || (_objectState.empty() && _state.empty()));
return !result.IsError() && _errors.empty();
}
bool Deserializer::Key(const Ch* str, rapidjson::SizeType /*length*/, bool /*copy*/)
bool Deserializer::Key(Ch const* str, rapidjson::SizeType /*length*/, bool /*copy*/)
{
google::protobuf::FieldDescriptor const* field = _objectState.top()->GetDescriptor()->FindFieldByName(str);
if (!field)
@@ -338,7 +338,7 @@ bool Deserializer::Double(double d)
return true;
}
bool Deserializer::String(const Ch* str, rapidjson::SizeType /*length*/, bool /*copy*/)
bool Deserializer::String(Ch const* str, rapidjson::SizeType /*length*/, bool /*copy*/)
{
google::protobuf::FieldDescriptor const* field = _state.top();
google::protobuf::Message* message = _objectState.top();