
Side by Side Diff: components/safe_json/json_sanitizer_android.cc

Issue 1203083002: Add a JSON sanitizer. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: x Created 5 years, 5 months ago
OLDNEW
(Empty)
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "components/safe_json/json_sanitizer.h"
6
7 #include "base/android/jni_string.h"
8 #include "base/bind.h"
9 #include "base/callback.h"
10 #include "base/memory/weak_ptr.h"
11 #include "base/message_loop/message_loop.h"
12 #include "base/strings/string_util.h"
13 #include "jni/JsonSanitizer_jni.h"
14
15 namespace safe_json {
16
17 namespace {
18
19 // An implementation of JsonSanitizer that calls into Java. It deals with
20 // malformed input (in particular malformed Unicode encodings) in the following
21 // steps:
22 // 1. The input string is checked for whether it is well-formed UTF-8. Malformed
Robert Sesek 2015/07/07 21:54:16 Is this step required, or does (2) have unexpected
Bernhard Bauer 2015/07/08 11:54:29 Step 2 will replace any invalid characters or mult
23 // UTF-8 is rejected.
24 // 2. The UTF-8 string is converted in native code to a Java String, which is
25 // encoded as UTF-16.
26 // 2. The Java String is parsed as JSON in the memory-safe environment of the
27 // Java VM and any string literals are unescaped.
28 // 3. The string literals themselves are now untrusted, so they are checked in
29 // Java for whether they are valid UTF-16.
30 // 4. The parsed JSON with sanitized literals is encoded back into a Java
31 // String and passed back to native code.
32 // 5. The Java String is converted back to UTF-8 in native code.
33 // This ensures that both invalid UTF-8 and invalid escaped UTF-16 will be
34 // rejected.
35 class JsonSanitizerAndroid : public JsonSanitizer {
36 public:
37 JsonSanitizerAndroid(const StringCallback& success_callback,
38 const StringCallback& error_callback);
39 ~JsonSanitizerAndroid() override {}
40
41 // JsonSanitizer implementation:
42 void Start(const std::string& unsafe_json) override;
43
44 void OnSuccess(const std::string& json);
45 void OnError(const std::string& error);
46
47 private:
48 void RunStringCallback(const StringCallback& callback,
49 const std::string& value);
50
51 StringCallback success_callback_;
52 StringCallback error_callback_;
53
54 base::WeakPtrFactory<JsonSanitizerAndroid> weak_ptr_factory_;
55
56 DISALLOW_COPY_AND_ASSIGN(JsonSanitizerAndroid);
57 };
58
59 JsonSanitizerAndroid::JsonSanitizerAndroid(
60 const StringCallback& success_callback,
61 const StringCallback& error_callback)
62 : success_callback_(success_callback),
63 error_callback_(error_callback),
64 weak_ptr_factory_(this) {}
65
66 void JsonSanitizerAndroid::Start(const std::string& unsafe_json) {
67 // The JSON parser only accepts wellformed UTF-8.
68 if (!base::IsStringUTF8(unsafe_json)) {
69 OnError("Unsupported encoding");
70 return;
71 }
72
73 JNIEnv* env = base::android::AttachCurrentThread();
74 base::android::ScopedJavaLocalRef<jstring> unsafe_json_java =
75 base::android::ConvertUTF8ToJavaString(env, unsafe_json);
76 Java_JsonSanitizer_sanitize(env, reinterpret_cast<jlong>(this),
77 unsafe_json_java.obj());
78 }
79
80 void JsonSanitizerAndroid::OnSuccess(const std::string& json) {
81 base::MessageLoop::current()->PostTask(
82 FROM_HERE,
83 base::Bind(&JsonSanitizerAndroid::RunStringCallback,
84 weak_ptr_factory_.GetWeakPtr(), success_callback_, json));
85 }
86
87 void JsonSanitizerAndroid::OnError(const std::string& error) {
88 base::MessageLoop::current()->PostTask(
89 FROM_HERE,
90 base::Bind(&JsonSanitizerAndroid::RunStringCallback,
91 weak_ptr_factory_.GetWeakPtr(), error_callback_, error));
92 }
93
94 void JsonSanitizerAndroid::RunStringCallback(const StringCallback& callback,
95 const std::string& value) {
96 callback.Run(value);
97 }
98
99 } // namespace
100
101 void OnSuccess(JNIEnv* env, jclass clazz, jlong jsanitizer, jstring json) {
102 JsonSanitizerAndroid* sanitizer =
103 reinterpret_cast<JsonSanitizerAndroid*>(jsanitizer);
104 sanitizer->OnSuccess(base::android::ConvertJavaStringToUTF8(env, json));
105 }
106
107 void OnError(JNIEnv* env, jclass clazz, jlong jsanitizer, jstring error) {
108 JsonSanitizerAndroid* sanitizer =
109 reinterpret_cast<JsonSanitizerAndroid*>(jsanitizer);
110 sanitizer->OnError(base::android::ConvertJavaStringToUTF8(env, error));
111 }
112
113 // static
114 scoped_ptr<JsonSanitizer> JsonSanitizer::Create(
115 const StringCallback& success_callback,
116 const StringCallback& error_callback) {
117 return make_scoped_ptr(
118 new JsonSanitizerAndroid(success_callback, error_callback));
119 }
120
121 // static
122 bool JsonSanitizer::Register(JNIEnv* env) {
123 return RegisterNativesImpl(env);
124 }
125
126 } // namespace safe_json
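Review bot: The JNI entry points OnSuccess/OnError (file lines 101–111) cast `jsanitizer` back to a `JsonSanitizerAndroid*` and dereference it with no validity check, and `weak_ptr_factory_` only protects the task posted afterwards, not this raw pointer. That is sound only if `Java_JsonSanitizer_sanitize` invokes its callback synchronously before `Start()` returns; the Java side is not visible here, so the contract should be stated where the pointer is handed over, e.g. `// |this| crosses JNI as a raw pointer: Java must call OnSuccess/OnError before sanitize() returns, never later.` A `DCHECK(sanitizer);` after each cast would at least catch a zero handle. Separately, the step list in the class comment numbers two steps "2." (file lines 24 and 26), so the later steps are off by one.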