
Unified Diff: components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java

Issue 2039303002: Sanitize JSON string before parsing it. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix deps Created 4 years, 6 months ago
Index: components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java
diff --git a/components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java b/components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java
index cb864085fb0fb1dd0bb448c4079872c97d0571e5..50da4b0fdfc34fd18cad7e89cfdf57f390e00477 100644
--- a/components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java
+++ b/components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java
@@ -34,12 +34,19 @@ public class JsonSanitizer {
*/
private static final int MAX_NESTING_DEPTH = 100;
- @CalledByNative
- public static void sanitize(long nativePtr, String unsafeJson) {
+ /**
+ * Validates input JSON string and returns the sanitized version of the string that's safe to
+ * parse.
+ *
+ * @param unsafeJson The input string to validate and sanitize.
+ * @return The sanitized version of the input string.
+ */
+ public static String sanitize(String unsafeJson) throws IOException, IllegalStateException {
JsonReader reader = new JsonReader(new StringReader(unsafeJson));
StringWriter stringWriter = new StringWriter(unsafeJson.length());
JsonWriter writer = new JsonWriter(stringWriter);
StackChecker stackChecker = new StackChecker();
+ String result = null;
try {
boolean end = false;
while (!end) {
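Review bot: The Javadoc on the new public `sanitize(String)` does not say how rejection is reported, and this overload can now be called from Java code that never goes through the native callbacks. I would add `@throws IOException` and `@throws IllegalStateException` lines stating that either one means the input was rejected and no sanitized string is available, so callers do not fall back to parsing `unsafeJson` themselves. Which condition raises which exception (malformed input, presumably the `MAX_NESTING_DEPTH` limit) is decided in the loop outside this hunk, so the wording should be checked against it. A null `unsafeJson` also reaches `unsafeJson.length()` and fails with a NullPointerException outside the declared set; a sentence on nullability or an explicit check would settle that. The method body continues past the end of the hunk.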
@@ -94,14 +101,24 @@ public class JsonSanitizer {
break;
}
}
- } catch (IOException | IllegalStateException e) {
- nativeOnError(nativePtr, e.getMessage());
- return;
+ result = stringWriter.toString();
} finally {
StreamUtil.closeQuietly(reader);
StreamUtil.closeQuietly(writer);
}
- nativeOnSuccess(nativePtr, stringWriter.toString());
+ return result;
+ }
+
+ @CalledByNative
+ public static void sanitize(long nativePtr, String unsafeJson) {
+ String result = null;
+ try {
+ result = sanitize(unsafeJson);
+ } catch (IOException | IllegalStateException e) {
+ nativeOnError(nativePtr, e.getMessage());
+ return;
+ }
+ nativeOnSuccess(nativePtr, result);
}
/**
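Review bot: The `catch (IOException | IllegalStateException e)` in the `@CalledByNative` wrapper is the only path to `nativeOnError`, so any other unchecked exception from `sanitize(unsafeJson)` (a null `unsafeJson`, for example) leaves the wrapper with neither callback invoked. Whether the parsing loop can raise other exception types is not visible here; if it can, the wrapper should either say in a comment that such failures are intentionally fatal or report them through `nativeOnError` as well. Separately, the nullable local in the first method is unnecessary: `return stringWriter.toString();` inside the `try` does the same thing, and the `finally` block still closes the reader and writer.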
