components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java - Issue 2570113002: Increase the depth limit of JSONParser and IPC serialization from 100 to 200.

Side by Side Diff: components/safe_json/android/java/src/org/chromium/components/safejson/JsonSanitizer.java

Issue 2570113002: Increase the depth limit of JSONParser and IPC serialization from 100 to 200. (Closed)

Patch Set: added comment Created 3 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« no previous file with comments | « base/json/json_parser_unittest.cc ('k') | components/safe_json/json_sanitizer_unittest.cc » ('j') | no next file with comments »

OLD	NEW
1 // Copyright 2015 The Chromium Authors. All rights reserved.	1 // Copyright 2015 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 package org.chromium.components.safejson;	5 package org.chromium.components.safejson;

6	6

7 import android.util.JsonReader;	7 import android.util.JsonReader;

8 import android.util.JsonToken;	8 import android.util.JsonToken;

9 import android.util.JsonWriter;	9 import android.util.JsonWriter;

10 import android.util.MalformedJsonException;	10 import android.util.MalformedJsonException;

(...skipping 14 matching lines...) Expand all Loading...
25 public class JsonSanitizer {	25 public class JsonSanitizer {

26	26

27 // Disallow instantiating the class.	27 // Disallow instantiating the class.

28 private JsonSanitizer() {	28 private JsonSanitizer() {

29 }	29 }

30	30

31 /**	31 /**

32 * The maximum nesting depth to which the native JSON parser restricts input in order to avoid	32 * The maximum nesting depth to which the native JSON parser restricts input in order to avoid

33 * stack overflows.	33 * stack overflows.

34 */	34 */

35 private static final int MAX_NESTING_DEPTH = 100;	35 private static final int MAX_NESTING_DEPTH = 200;

36	36

37 /**	37 /**

38 * Validates input JSON string and returns the sanitized version of the stri ng that's safe to	38 * Validates input JSON string and returns the sanitized version of the stri ng that's safe to

39 * parse.	39 * parse.

40 *	40 *

41 * @param unsafeJson The input string to validate and sanitize.	41 * @param unsafeJson The input string to validate and sanitize.

42 * @return The sanitized version of the input string.	42 * @return The sanitized version of the input string.

43 */	43 */

44 public static String sanitize(String unsafeJson) throws IOException, Illegal StateException {	44 public static String sanitize(String unsafeJson) throws IOException, Illegal StateException {

45 JsonReader reader = new JsonReader(new StringReader(unsafeJson));	45 JsonReader reader = new JsonReader(new StringReader(unsafeJson));

(...skipping 142 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
188 private static boolean isUnicodeCharacter(int codePoint) {	188 private static boolean isUnicodeCharacter(int codePoint) {

189 // See the native method base::IsValidCharacter().	189 // See the native method base::IsValidCharacter().

190 return codePoint < 0xD800 \|\| (codePoint >= 0xE000 && codePoint < 0xFDD0)	190 return codePoint < 0xD800 \|\| (codePoint >= 0xE000 && codePoint < 0xFDD0)

191 \|\| (codePoint > 0xFDEF && codePoint <= 0x10FFFF && (codePoint & 0xFFFE) != 0xFFFE);	191 \|\| (codePoint > 0xFDEF && codePoint <= 0x10FFFF && (codePoint & 0xFFFE) != 0xFFFE);

192 }	192 }

193	193

194 private static native void nativeOnSuccess(long id, String json);	194 private static native void nativeOnSuccess(long id, String json);

195	195

196 private static native void nativeOnError(long id, String error);	196 private static native void nativeOnError(long id, String error);

197 }	197 }

OLD	NEW