chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java - Issue 2039303002: Sanitize JSON string before parsing it.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java

Issue 2039303002: Sanitize JSON string before parsing it. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix deps Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « chrome/android/java/DEPS ('k') | components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java

diff --git a/chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java b/chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java

index 8c920f4ac903726efc7e359c2b440323be725240..ab5c84026ee28a805033a1355d50ba6df31d5332 100644

--- a/chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java

+++ b/chrome/android/java/src/org/chromium/chrome/browser/payments/PaymentRequestImpl.java

@@ -25,6 +25,7 @@ import org.chromium.chrome.browser.preferences.autofill.AutofillCreditCardEditor

import org.chromium.chrome.browser.preferences.autofill.AutofillProfileEditor;

import org.chromium.chrome.browser.profiles.Profile;

import org.chromium.chrome.browser.util.UrlUtilities;

+import org.chromium.components.safejson.JsonSanitizer;

import org.chromium.content.browser.ContentViewCore;

import org.chromium.content_public.browser.WebContents;

import org.chromium.mojo.system.MojoException;

@@ -39,6 +40,7 @@ import org.chromium.ui.base.WindowAndroid;

import org.json.JSONException;

import org.json.JSONObject;

+import java.io.IOException;

import java.util.ArrayList;

import java.util.Arrays;

import java.util.HashSet;

@@ -466,9 +468,9 @@ public class PaymentRequestImpl implements PaymentRequest, PaymentRequestUI.Clie

JSONObject result;

try {

- result = new JSONObject(stringifiedData);

- } catch (JSONException e) {

- // Payment method specific data should be a JSON object.

+ result = new JSONObject(JsonSanitizer.sanitize(stringifiedData));

Robert Sesek 2016/06/07 19:10:06 I'm wondering if it'd be better to create a new cl

+ } catch (JSONException | IOException | IllegalStateException e) {

+ // Payment method specific data should be a valid JSON object.

return null;

}