From 2720b2e0fb6c8d15e27c5416df14144219a770f4 Mon Sep 17 00:00:00 2001 From: alisdair sullivan Date: Tue, 26 Jul 2011 19:46:31 -0700 Subject: [PATCH] noncharacter tests --- src/jsx.erl | 20 +++++++++++++++++--- src/jsx_decoder.hrl | 2 +- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/src/jsx.erl b/src/jsx.erl index b10eda0..58ada1b 100644 --- a/src/jsx.erl +++ b/src/jsx.erl @@ -174,10 +174,10 @@ jsx_decoder_gen([Test|_] = Tests, [Encoding|Encodings]) -> Flags = proplists:get_value(jsx_flags, Test, []), {generator, fun() -> - [{Name, ?_assert(decode(JSON, Flags) =:= JSX)} + [{Name, ?_assertEqual(decode(JSON, Flags), JSX)} | {generator, - fun() -> [{Name ++ " incremental", ?_assert( - incremental_decode(JSON, Flags) =:= JSX) + fun() -> [{Name ++ " incremental", ?_assertEqual( + incremental_decode(JSON, Flags), JSX) } | jsx_decoder_gen(Tests, Encodings)] end } @@ -258,6 +258,20 @@ bad_escapes_test_() -> }, {"escaped noncharacter", ?_assertEqual({error, badjson}, decode(<<"\"\\ud83f\\udfff\"">>, [])) + }, + {"noncharacter", + ?_assertEqual({error, badjson}, decode(<<"\"\\uffff\"">>, [])) + }, + {"more noncharacters", + ?_assertEqual({error, badjson}, decode(<<"\"\\ufdd0\"">>, [])) + }, + {"last noncharacter", + ?_assertEqual({error, badjson}, decode(<<"\"\\ufdef\"">>, [])) + }, + {"ok character", + ?_assertEqual([{string, <<239, 183, 176>>}, end_json], + decode(<<"\"\\ufdf0\"">>, []) + ) } ]. diff --git a/src/jsx_decoder.hrl b/src/jsx_decoder.hrl index 398b172..6aa5b6b 100644 --- a/src/jsx_decoder.hrl +++ b/src/jsx_decoder.hrl @@ -466,7 +466,7 @@ escaped_unicode(<>, Stack, Opts, String, [C, B, A]) X when X >= 16#d800, X =< 16#dbff -> low_surrogate(Rest, Stack, Opts, String, X) %% non-characters, you're not allowed to exchange these - ; X when X == 16#fffe; X == 16#ffff -> + ; X when X == 16#fffe; X == 16#ffff; X >= 16#fdd0, X =< 16#fdef -> {error, {badjson, <>}} %% allowing interchange of null bytes allows attackers to forge %% malicious streams