1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "base/json/json_parser.h"
6 
7 #include <stddef.h>
8 
9 #include <memory>
10 
11 #include "base/json/json_reader.h"
12 #include "base/memory/ptr_util.h"
13 #include "base/optional.h"
14 #include "base/strings/stringprintf.h"
15 #include "base/values.h"
16 #include "testing/gtest/include/gtest/gtest.h"
17 
18 namespace base {
19 namespace internal {
20 
21 class JSONParserTest : public testing::Test {
22  public:
NewTestParser(const std::string & input,int options=JSON_PARSE_RFC)23   JSONParser* NewTestParser(const std::string& input,
24                             int options = JSON_PARSE_RFC) {
25     JSONParser* parser = new JSONParser(options);
26     parser->input_ = input;
27     parser->index_ = 0;
28     return parser;
29   }
30 
31   // MSan will do a better job detecting over-read errors if the input is
32   // not nul-terminated on the heap. This will copy |input| to a new buffer
33   // owned by |owner|, returning a StringPiece to |owner|.
MakeNotNullTerminatedInput(const char * input,std::unique_ptr<char[]> * owner)34   StringPiece MakeNotNullTerminatedInput(const char* input,
35                                          std::unique_ptr<char[]>* owner) {
36     size_t str_len = strlen(input);
37     owner->reset(new char[str_len]);
38     memcpy(owner->get(), input, str_len);
39     return StringPiece(owner->get(), str_len);
40   }
41 
TestLastThree(JSONParser * parser)42   void TestLastThree(JSONParser* parser) {
43     EXPECT_EQ(',', *parser->PeekChar());
44     parser->ConsumeChar();
45     EXPECT_EQ('|', *parser->PeekChar());
46     parser->ConsumeChar();
47     EXPECT_EQ('\0', *parser->pos());
48     EXPECT_EQ(static_cast<size_t>(parser->index_), parser->input_.length());
49   }
50 };
51 
// Walks the parser over a plain string one character at a time and checks
// that PeekChar() tracks the input, ending on the string's terminator.
TEST_F(JSONParserTest, NextChar) {
  const std::string text("Hello world");
  std::unique_ptr<JSONParser> parser(NewTestParser(text));

  // The parser starts on the first character.
  EXPECT_EQ('H', *parser->pos());

  // Every subsequent ConsumeChar() should expose the next input character.
  for (auto it = text.begin() + 1; it != text.end(); ++it) {
    parser->ConsumeChar();
    EXPECT_EQ(*it, *parser->PeekChar());
  }

  // Consuming the final character leaves the parser at the end of the input.
  parser->ConsumeChar();
  EXPECT_EQ('\0', *parser->pos());
  EXPECT_EQ(static_cast<size_t>(parser->index_), parser->input_.length());
}
65 
// ConsumeString() should stop right after the closing quote and yield the
// unquoted text.
TEST_F(JSONParserTest, ConsumeString) {
  const std::string json("\"test\",|");
  std::unique_ptr<JSONParser> parser(NewTestParser(json));
  Optional<Value> parsed(parser->ConsumeString());

  // The parser must be left on the character following the string.
  EXPECT_EQ(',', *parser->pos());
  TestLastThree(parser.get());

  ASSERT_TRUE(parsed);
  std::string contents;
  EXPECT_TRUE(parsed->GetAsString(&contents));
  EXPECT_EQ("test", contents);
}
79 
// ConsumeList() should stop right after the closing bracket and yield a list
// holding both elements.
TEST_F(JSONParserTest, ConsumeList) {
  std::string input("[true, false],|");
  std::unique_ptr<JSONParser> parser(NewTestParser(input));
  Optional<Value> value(parser->ConsumeList());

  // The parser must be left on the character following the list.
  EXPECT_EQ(',', *parser->pos());

  TestLastThree(parser.get());

  ASSERT_TRUE(value);
  base::ListValue* list = nullptr;
  // Fatal on failure: |list| is dereferenced below, so the test must not
  // continue if the value could not be viewed as a list.
  ASSERT_TRUE(value->GetAsList(&list));
  ASSERT_TRUE(list);
  EXPECT_EQ(2u, list->GetSize());
}
93 
// ConsumeDictionary() should stop right after the closing brace and yield a
// dictionary containing the single key/value pair.
TEST_F(JSONParserTest, ConsumeDictionary) {
  std::string input("{\"abc\":\"def\"},|");
  std::unique_ptr<JSONParser> parser(NewTestParser(input));
  Optional<Value> value(parser->ConsumeDictionary());

  // The parser must be left on the character following the dictionary.
  EXPECT_EQ(',', *parser->pos());

  TestLastThree(parser.get());

  ASSERT_TRUE(value);
  base::DictionaryValue* dict = nullptr;
  // Fatal on failure: |dict| is dereferenced below, so the test must not
  // continue if the value could not be viewed as a dictionary.
  ASSERT_TRUE(value->GetAsDictionary(&dict));
  ASSERT_TRUE(dict);
  std::string str;
  EXPECT_TRUE(dict->GetString("abc", &str));
  EXPECT_EQ("def", str);
}
109 
// ConsumeLiteral() should recognise |true|, |false| and |null|, each time
// stopping right after the literal.
TEST_F(JSONParserTest, ConsumeLiterals) {
  // Literals |true| and |false|.
  const struct {
    const char* json;
    bool expected;
  } kBooleanCases[] = {
      {"true,|", true},
      {"false,|", false},
  };

  for (const auto& boolean_case : kBooleanCases) {
    const std::string json(boolean_case.json);
    std::unique_ptr<JSONParser> parser(NewTestParser(json));
    Optional<Value> parsed(parser->ConsumeLiteral());
    EXPECT_EQ(',', *parser->pos());

    TestLastThree(parser.get());

    ASSERT_TRUE(parsed);
    // Start from the opposite of the expected result so that a getter which
    // leaves its output untouched is also caught by the comparison below.
    bool actual = !boolean_case.expected;
    EXPECT_TRUE(parsed->GetAsBoolean(&actual));
    EXPECT_EQ(boolean_case.expected, actual);
  }

  // Literal |null|.
  const std::string null_json("null,|");
  std::unique_ptr<JSONParser> null_parser(NewTestParser(null_json));
  Optional<Value> null_value(null_parser->ConsumeLiteral());
  EXPECT_EQ(',', *null_parser->pos());

  TestLastThree(null_parser.get());

  ASSERT_TRUE(null_value);
  EXPECT_TRUE(null_value->is_none());
}
147 
TEST_F(JSONParserTest,ConsumeNumbers)148 TEST_F(JSONParserTest, ConsumeNumbers) {
149   // Integer.
150   std::string input("1234,|");
151   std::unique_ptr<JSONParser> parser(NewTestParser(input));
152   Optional<Value> value(parser->ConsumeNumber());
153   EXPECT_EQ(',', *parser->pos());
154 
155   TestLastThree(parser.get());
156 
157   ASSERT_TRUE(value);
158   int number_i;
159   EXPECT_TRUE(value->GetAsInteger(&number_i));
160   EXPECT_EQ(1234, number_i);
161 
162   // Negative integer.
163   input = "-1234,|";
164   parser.reset(NewTestParser(input));
165   value = parser->ConsumeNumber();
166   EXPECT_EQ(',', *parser->pos());
167 
168   TestLastThree(parser.get());
169 
170   ASSERT_TRUE(value);
171   EXPECT_TRUE(value->GetAsInteger(&number_i));
172   EXPECT_EQ(-1234, number_i);
173 
174   // Double.
175   input = "12.34,|";
176   parser.reset(NewTestParser(input));
177   value = parser->ConsumeNumber();
178   EXPECT_EQ(',', *parser->pos());
179 
180   TestLastThree(parser.get());
181 
182   ASSERT_TRUE(value);
183   double number_d;
184   EXPECT_TRUE(value->GetAsDouble(&number_d));
185   EXPECT_EQ(12.34, number_d);
186 
187   // Scientific.
188   input = "42e3,|";
189   parser.reset(NewTestParser(input));
190   value = parser->ConsumeNumber();
191   EXPECT_EQ(',', *parser->pos());
192 
193   TestLastThree(parser.get());
194 
195   ASSERT_TRUE(value);
196   EXPECT_TRUE(value->GetAsDouble(&number_d));
197   EXPECT_EQ(42000, number_d);
198 
199   // Negative scientific.
200   input = "314159e-5,|";
201   parser.reset(NewTestParser(input));
202   value = parser->ConsumeNumber();
203   EXPECT_EQ(',', *parser->pos());
204 
205   TestLastThree(parser.get());
206 
207   ASSERT_TRUE(value);
208   EXPECT_TRUE(value->GetAsDouble(&number_d));
209   EXPECT_EQ(3.14159, number_d);
210 
211   // Positive scientific.
212   input = "0.42e+3,|";
213   parser.reset(NewTestParser(input));
214   value = parser->ConsumeNumber();
215   EXPECT_EQ(',', *parser->pos());
216 
217   TestLastThree(parser.get());
218 
219   ASSERT_TRUE(value);
220   EXPECT_TRUE(value->GetAsDouble(&number_d));
221   EXPECT_EQ(420, number_d);
222 }
223 
TEST_F(JSONParserTest,ErrorMessages)224 TEST_F(JSONParserTest, ErrorMessages) {
225   // Error strings should not be modified in case of success.
226   std::string error_message;
227   int error_code = 0;
228   std::unique_ptr<Value> root = JSONReader::ReadAndReturnError(
229       "[42]", JSON_PARSE_RFC, &error_code, &error_message);
230   EXPECT_TRUE(error_message.empty());
231   EXPECT_EQ(0, error_code);
232 
233   // Test line and column counting
234   const char big_json[] = "[\n0,\n1,\n2,\n3,4,5,6 7,\n8,\n9\n]";
235   // error here ----------------------------------^
236   root = JSONReader::ReadAndReturnError(big_json, JSON_PARSE_RFC, &error_code,
237                                         &error_message);
238   EXPECT_FALSE(root.get());
239   EXPECT_EQ(JSONParser::FormatErrorMessage(5, 10, JSONReader::kSyntaxError),
240             error_message);
241   EXPECT_EQ(JSONReader::JSON_SYNTAX_ERROR, error_code);
242 
243   error_code = 0;
244   error_message = "";
245   // Test line and column counting with "\r\n" line ending
246   const char big_json_crlf[] =
247       "[\r\n0,\r\n1,\r\n2,\r\n3,4,5,6 7,\r\n8,\r\n9\r\n]";
248   // error here ----------------------^
249   root = JSONReader::ReadAndReturnError(big_json_crlf, JSON_PARSE_RFC,
250                                         &error_code, &error_message);
251   EXPECT_FALSE(root.get());
252   EXPECT_EQ(JSONParser::FormatErrorMessage(5, 10, JSONReader::kSyntaxError),
253             error_message);
254   EXPECT_EQ(JSONReader::JSON_SYNTAX_ERROR, error_code);
255 
256   // Test each of the error conditions
257   root = JSONReader::ReadAndReturnError("{},{}", JSON_PARSE_RFC, &error_code,
258                                         &error_message);
259   EXPECT_FALSE(root.get());
260   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 3,
261       JSONReader::kUnexpectedDataAfterRoot), error_message);
262   EXPECT_EQ(JSONReader::JSON_UNEXPECTED_DATA_AFTER_ROOT, error_code);
263 
264   std::string nested_json;
265   for (int i = 0; i < 201; ++i) {
266     nested_json.insert(nested_json.begin(), '[');
267     nested_json.append(1, ']');
268   }
269   root = JSONReader::ReadAndReturnError(nested_json, JSON_PARSE_RFC,
270                                         &error_code, &error_message);
271   EXPECT_FALSE(root.get());
272   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 200, JSONReader::kTooMuchNesting),
273             error_message);
274   EXPECT_EQ(JSONReader::JSON_TOO_MUCH_NESTING, error_code);
275 
276   root = JSONReader::ReadAndReturnError("[1,]", JSON_PARSE_RFC, &error_code,
277                                         &error_message);
278   EXPECT_FALSE(root.get());
279   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 4, JSONReader::kTrailingComma),
280             error_message);
281   EXPECT_EQ(JSONReader::JSON_TRAILING_COMMA, error_code);
282 
283   root = JSONReader::ReadAndReturnError("{foo:\"bar\"}", JSON_PARSE_RFC,
284                                         &error_code, &error_message);
285   EXPECT_FALSE(root.get());
286   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 2,
287       JSONReader::kUnquotedDictionaryKey), error_message);
288   EXPECT_EQ(JSONReader::JSON_UNQUOTED_DICTIONARY_KEY, error_code);
289 
290   root = JSONReader::ReadAndReturnError("{\"foo\":\"bar\",}", JSON_PARSE_RFC,
291                                         &error_code, &error_message);
292   EXPECT_FALSE(root.get());
293   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 14, JSONReader::kTrailingComma),
294             error_message);
295 
296   root = JSONReader::ReadAndReturnError("[nu]", JSON_PARSE_RFC, &error_code,
297                                         &error_message);
298   EXPECT_FALSE(root.get());
299   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 2, JSONReader::kSyntaxError),
300             error_message);
301   EXPECT_EQ(JSONReader::JSON_SYNTAX_ERROR, error_code);
302 
303   root = JSONReader::ReadAndReturnError("[\"xxx\\xq\"]", JSON_PARSE_RFC,
304                                         &error_code, &error_message);
305   EXPECT_FALSE(root.get());
306   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 7, JSONReader::kInvalidEscape),
307             error_message);
308   EXPECT_EQ(JSONReader::JSON_INVALID_ESCAPE, error_code);
309 
310   root = JSONReader::ReadAndReturnError("[\"xxx\\uq\"]", JSON_PARSE_RFC,
311                                         &error_code, &error_message);
312   EXPECT_FALSE(root.get());
313   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 7, JSONReader::kInvalidEscape),
314             error_message);
315   EXPECT_EQ(JSONReader::JSON_INVALID_ESCAPE, error_code);
316 
317   root = JSONReader::ReadAndReturnError("[\"xxx\\q\"]", JSON_PARSE_RFC,
318                                         &error_code, &error_message);
319   EXPECT_FALSE(root.get());
320   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 7, JSONReader::kInvalidEscape),
321             error_message);
322   EXPECT_EQ(JSONReader::JSON_INVALID_ESCAPE, error_code);
323 
324   root = JSONReader::ReadAndReturnError(("[\"\\ufffe\"]"), JSON_PARSE_RFC,
325                                         &error_code, &error_message);
326   EXPECT_EQ(JSONParser::FormatErrorMessage(1, 8, JSONReader::kInvalidEscape),
327             error_message);
328   EXPECT_EQ(JSONReader::JSON_INVALID_ESCAPE, error_code);
329 }
330 
TEST_F(JSONParserTest, Decode4ByteUtf8Char) {
  // This test string contains a 4 byte unicode character (a smiley!) that the
  // reader should be able to handle. The character is spelled with explicit
  // byte escapes (\xf0\x9f\x98\x87) so that the literal cannot be altered by
  // an editor or tool that re-encodes the source file.
  const char kUtf8Data[] =
      "[\"\xf0\x9f\x98\x87\",[],[],[],{\"google:suggesttype\":[]}]";
  std::string error_message;
  int error_code = 0;
  std::unique_ptr<Value> root = JSONReader::ReadAndReturnError(
      kUtf8Data, JSON_PARSE_RFC, &error_code, &error_message);
  EXPECT_TRUE(root.get()) << error_message;
}
342 
// Escaped UTF-16 sequences naming code points that are not valid characters
// must be rejected by default and accepted when
// JSON_REPLACE_INVALID_CHARACTERS is passed.
TEST_F(JSONParserTest, DecodeUnicodeNonCharacter) {
  // Rejected with the default options.
  const char* const kRejectedByDefault[] = {
      "[\"\\ufdd0\"]",
      "[\"\\ufffe\"]",
      "[\"\\ud83f\\udffe\"]",
  };
  for (const char* json : kRejectedByDefault)
    EXPECT_FALSE(JSONReader::Read(json));

  // Accepted once replacement of invalid characters is requested.
  const char* const kAcceptedWithReplacement[] = {
      "[\"\\ufdd0\"]",
      "[\"\\ufffe\"]",
  };
  for (const char* json : kAcceptedWithReplacement)
    EXPECT_TRUE(JSONReader::Read(json, JSON_REPLACE_INVALID_CHARACTERS));
}
355 
// Hex and unicode escapes whose digits start with a minus sign must not be
// accepted.
TEST_F(JSONParserTest, DecodeNegativeEscapeSequence) {
  const char* const kNegativeEscapes[] = {
      "[\"\\x-A\"]",
      "[\"\\u-00A\"]",
  };
  for (const char* json : kNegativeEscapes)
    EXPECT_FALSE(JSONReader::Read(json));
}
360 
361 // Verifies invalid utf-8 characters are replaced.
TEST_F(JSONParserTest,ReplaceInvalidCharacters)362 TEST_F(JSONParserTest, ReplaceInvalidCharacters) {
363   const std::string bogus_char = "��";
364   const std::string quoted_bogus_char = "\"" + bogus_char + "\"";
365   std::unique_ptr<JSONParser> parser(
366       NewTestParser(quoted_bogus_char, JSON_REPLACE_INVALID_CHARACTERS));
367   Optional<Value> value(parser->ConsumeString());
368   ASSERT_TRUE(value);
369   std::string str;
370   EXPECT_TRUE(value->GetAsString(&str));
371   EXPECT_EQ(kUnicodeReplacementString, str);
372 }
373 
// With JSON_REPLACE_INVALID_CHARACTERS, a string consisting only of the
// escape \ufffe should come back as the replacement string.
TEST_F(JSONParserTest, ReplaceInvalidUTF16EscapeSequence) {
  const std::string escaped_input("\"\\ufffe\"");
  const std::unique_ptr<JSONParser> parser(
      NewTestParser(escaped_input, JSON_REPLACE_INVALID_CHARACTERS));

  Optional<Value> parsed(parser->ConsumeString());
  ASSERT_TRUE(parsed);

  std::string contents;
  EXPECT_TRUE(parsed->GetAsString(&contents));
  EXPECT_EQ(kUnicodeReplacementString, contents);
}
384 
// Feeds complete and truncated numbers to JSONReader::Read() through buffers
// that are not NUL-terminated, checking which ones parse and, for those that
// do, the resulting value.
TEST_F(JSONParserTest, ParseNumberErrors) {
  const struct {
    const char* input;
    bool parse_success;
    double value;
  } kNumberCases[] = {
      // clang-format off
      {"1", true, 1},
      {"2.", false, 0},
      {"42", true, 42},
      {"6e", false, 0},
      {"43e2", true, 4300},
      {"43e-", false, 0},
      {"9e-3", true, 0.009},
      {"2e+", false, 0},
      {"2e+2", true, 200},
      // clang-format on
  };

  for (unsigned int index = 0; index < arraysize(kNumberCases); ++index) {
    const auto& number_case = kNumberCases[index];
    SCOPED_TRACE(StringPrintf("case %u: \"%s\"", index, number_case.input));

    // Hand the reader a copy of the input that has no trailing NUL.
    std::unique_ptr<char[]> storage;
    const StringPiece unterminated =
        MakeNotNullTerminatedInput(number_case.input, &storage);

    std::unique_ptr<Value> parsed = JSONReader::Read(unterminated);
    EXPECT_EQ(number_case.parse_success, parsed != nullptr);

    // Only successfully parsed inputs have a value to compare.
    if (parsed) {
      double actual = 0;
      EXPECT_TRUE(parsed->GetAsDouble(&actual));
      EXPECT_EQ(number_case.value, actual);
    }
  }
}
427 
// Every input below stops in the middle of a JSON construct. Each is passed
// to JSONReader::Read() from a buffer without a trailing NUL and must fail
// to parse.
TEST_F(JSONParserTest, UnterminatedInputs) {
  const char* const kTruncatedInputs[] = {
      // clang-format off
      "/",
      "//",
      "/*",
      "\"xxxxxx",
      "\"",
      "{   ",
      "[\t",
      "tru",
      "fals",
      "nul",
      "\"\\x",
      "\"\\x2",
      "\"\\u123",
      "\"\\uD803\\u",
      "\"\\",
      "\"\\/",
      // clang-format on
  };

  for (unsigned int index = 0; index < arraysize(kTruncatedInputs); ++index) {
    const char* const raw_input = kTruncatedInputs[index];
    SCOPED_TRACE(StringPrintf("case %u: \"%s\"", index, raw_input));

    // Hand the reader a copy of the input that has no trailing NUL.
    std::unique_ptr<char[]> storage;
    const StringPiece unterminated =
        MakeNotNullTerminatedInput(raw_input, &storage);

    EXPECT_FALSE(JSONReader::Read(unterminated));
  }
}
460 
461 }  // namespace internal
462 }  // namespace base
463