author | Shauren <shauren.trinity@gmail.com> | 2024-11-13 00:24:39 +0100 |
---|---|---|
committer | Shauren <shauren.trinity@gmail.com> | 2024-11-13 00:24:39 +0100 |
commit | e8d949c7943cbc49bc7e5411b9ed169b422b8472 (patch) | |
tree | 60c826f191aad4b335b89f5a88d1d118bc262f99 /src/server/shared/JSON/ProtobufJSON.cpp | |
parent | 4e551741cf893a96bee66c063d4e028df7a11adf (diff) |
Core/JSON: Prevent out of bounds memory accesses in json deserialization
Diffstat (limited to 'src/server/shared/JSON/ProtobufJSON.cpp')
-rw-r--r-- | src/server/shared/JSON/ProtobufJSON.cpp | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/server/shared/JSON/ProtobufJSON.cpp b/src/server/shared/JSON/ProtobufJSON.cpp
index a0fe9b3a68f..1949f067eb9 100644
--- a/src/server/shared/JSON/ProtobufJSON.cpp
+++ b/src/server/shared/JSON/ProtobufJSON.cpp
@@ -20,9 +20,8 @@
 #include "Log.h"
 #include "StringFormat.h"
 #include <google/protobuf/message.h>
-#include <rapidjson/writer.h>
 #include <rapidjson/reader.h>
-#include <rapidjson/stringbuffer.h>
+#include <rapidjson/writer.h>
 #include <stack>
 class Serializer
@@ -188,7 +187,7 @@ class Deserializer : public rapidjson::BaseReaderHandler<rapidjson::UTF8<>, Dese
 public:
 bool ReadMessage(std::string const& json, google::protobuf::Message* message);
- bool Key(const Ch* str, rapidjson::SizeType length, bool copy);
+ bool Key(Ch const* str, rapidjson::SizeType length, bool copy);
 bool Null();
 bool Bool(bool b);
 bool Int(int32 i);
@@ -196,7 +195,7 @@ public:
 bool Int64(int64 i);
 bool Uint64(uint64 i);
 bool Double(double d);
- bool String(const Ch* str, rapidjson::SizeType length, bool copy);
+ bool String(Ch const* str, rapidjson::SizeType length, bool copy);
 bool StartObject();
 bool EndObject(rapidjson::SizeType memberCount);
 bool StartArray();
@@ -215,18 +214,19 @@ private:
 bool Deserializer::ReadMessage(std::string const& json, google::protobuf::Message* message)
 {
- rapidjson::StringStream ss(json.c_str());
+ rapidjson::MemoryStream ms(json.data(), json.length());
+ rapidjson::EncodedInputStream<rapidjson::UTF8<>, rapidjson::MemoryStream> is(ms);
 _objectState.push(message);
- rapidjson::ParseResult result = _reader.Parse(ss, *this);
+ rapidjson::ParseResult result = _reader.Parse(is, *this);
 ASSERT(result.IsError() || (_objectState.empty() && _state.empty()));
 return !result.IsError() && _errors.empty();
 }
-bool Deserializer::Key(const Ch* str, rapidjson::SizeType /*length*/, bool /*copy*/)
+bool Deserializer::Key(Ch const* str, rapidjson::SizeType /*length*/, bool /*copy*/)
 {
 google::protobuf::FieldDescriptor const* field = _objectState.top()->GetDescriptor()->FindFieldByName(str);
 if (!field)
@@ -338,7 +338,7 @@ bool Deserializer::Double(double d)
 return true;
 }
-bool Deserializer::String(const Ch* str, rapidjson::SizeType /*length*/, bool /*copy*/)
+bool Deserializer::String(Ch const* str, rapidjson::SizeType /*length*/, bool /*copy*/)
 {
 google::protobuf::FieldDescriptor const* field = _state.top();
 google::protobuf::Message* message = _objectState.top(); |
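Review bot: `Deserializer::Key` still discards `length` and passes `str` to `FindFieldByName(str)` as a NUL-terminated C string, so the lookup relies on a terminator instead of the length the reader reports. Since `ReadMessage` now bounds the input by `json.length()`, the handler should be bounded the same way: un-comment the `length` parameter and call `FindFieldByName(std::string(str, length))`. That also means a key carrying an escaped `\u0000` is compared in full rather than being matched by the part before the NUL. `Deserializer::String` in the last hunk ignores `length` in the same way; its body lies mostly outside the hunk, so how `str` is consumed there should be checked. The body of `Key` also continues past the end of this hunk.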