json 1.5.5 → 1.6.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of json might be problematic. Click here for more details.

Files changed (44) hide show
  1. data/CHANGES +3 -7
  2. data/Gemfile +0 -4
  3. data/Rakefile +0 -7
  4. data/VERSION +1 -1
  5. data/ext/json/ext/parser/parser.c +18 -18
  6. data/ext/json/ext/parser/parser.rl +1 -4
  7. data/install.rb +1 -8
  8. data/java/src/json/ext/Parser.java +85 -81
  9. data/java/src/json/ext/Parser.rl +1 -1
  10. data/json.gemspec +5 -6
  11. data/json_pure.gemspec +4 -8
  12. data/lib/json/add/core.rb +9 -244
  13. data/lib/json/add/date.rb +34 -0
  14. data/lib/json/add/date_time.rb +50 -0
  15. data/lib/json/add/exception.rb +31 -0
  16. data/lib/json/add/range.rb +29 -0
  17. data/lib/json/add/regexp.rb +30 -0
  18. data/lib/json/add/struct.rb +30 -0
  19. data/lib/json/add/symbol.rb +25 -0
  20. data/lib/json/add/time.rb +35 -0
  21. data/lib/json/common.rb +5 -12
  22. data/lib/json/pure/parser.rb +4 -4
  23. data/lib/json/version.rb +1 -1
  24. data/tests/test_json.rb +2 -22
  25. data/tests/test_json_addition.rb +21 -29
  26. data/tests/test_json_string_matching.rb +6 -5
  27. data/tools/server.rb +1 -0
  28. metadata +124 -152
  29. data/0001-Security-fix-create_additons-JSON-GenericObject.patch +0 -448
  30. data/0001-Security-fix-create_additons-problem-1.5.5.patch +0 -630
  31. data/0001-Security-fix-for-create_additions-problem-1.6.8.patch +0 -685
  32. data/Gemfile.lock +0 -60
  33. data/bin/edit_json.rb +0 -9
  34. data/bin/prettify_json.rb +0 -48
  35. data/lib/json/Array.xpm +0 -21
  36. data/lib/json/FalseClass.xpm +0 -21
  37. data/lib/json/Hash.xpm +0 -21
  38. data/lib/json/Key.xpm +0 -73
  39. data/lib/json/NilClass.xpm +0 -21
  40. data/lib/json/Numeric.xpm +0 -28
  41. data/lib/json/String.xpm +0 -96
  42. data/lib/json/TrueClass.xpm +0 -21
  43. data/lib/json/editor.rb +0 -1369
  44. data/lib/json/json.xpm +0 -1499
@@ -1,685 +0,0 @@
1
- From 3ce359bbf308354b86e94248fc13dfd4b23c792e Mon Sep 17 00:00:00 2001
2
- From: Florian Frank <flori@ping.de>
3
- Date: Mon, 4 Feb 2013 23:28:30 +0100
4
- Subject: [PATCH] Security fix for create_additions problem 1.6.8
5
-
6
- ---
7
- CHANGES | 5 +++
8
- Gemfile | 10 ++----
9
- VERSION | 2 +-
10
- ext/json/ext/parser/parser.c | 2 +-
11
- ext/json/ext/parser/parser.rl | 2 +-
12
- java/src/json/ext/Parser.java | 66 +++++++++++++++++++-------------------
13
- java/src/json/ext/Parser.rl | 2 +-
14
- json.gemspec | 8 ++---
15
- json_pure.gemspec | 6 ++--
16
- lib/json/common.rb | 21 ++++++++----
17
- lib/json/pure/parser.rb | 8 ++---
18
- lib/json/version.rb | 2 +-
19
- tests/test_json.rb | 10 ++++--
20
- tests/test_json_addition.rb | 56 ++++++++++++++++++--------------
21
- tests/test_json_string_matching.rb | 11 +++----
22
- 15 files changed, 116 insertions(+), 95 deletions(-)
23
-
24
- diff --git a/CHANGES b/CHANGES
25
- index b347a7c..811e964 100644
26
- --- a/CHANGES
27
- +++ b/CHANGES
28
- @@ -1,3 +1,8 @@
29
- +2013-02-04 (1.6.8)
30
- + * Security fix for JSON create_additions default value. It should not be
31
- + possible to create additions unless
32
- + explicitely requested by setting the create_additions argument to true or
33
- + using the JSON.load/dump interface.
34
- 2012-04-27 (1.6.7)
35
- * Fix possible crash when trying to parse nil value.
36
- 2012-02-11 (1.6.6)
37
- diff --git a/Gemfile b/Gemfile
38
- index 79bafcc..e405da2 100644
39
- --- a/Gemfile
40
- +++ b/Gemfile
41
- @@ -6,10 +6,6 @@ gemspec :name => 'json'
42
- gemspec :name => 'json_pure'
43
- gemspec :name => 'json-java'
44
-
45
- -group :development, :test do
46
- - gem 'simplecov', :platform => :mri_19
47
- -end
48
- -
49
- -group :test do
50
- - gem 'test-unit', '2.4.7', :platform => :mri_19
51
- -end
52
- +gem 'utils'
53
- +gem 'test-unit'
54
- +gem 'debugger', :platform => :mri_19
55
- diff --git a/VERSION b/VERSION
56
- index 400084b..d8c5e72 100644
57
- --- a/VERSION
58
- +++ b/VERSION
59
- @@ -1 +1 @@
60
- -1.6.7
61
- +1.6.8
62
- diff --git a/ext/json/ext/parser/parser.c b/ext/json/ext/parser/parser.c
63
- index c140fdb..cbd8b93 100644
64
- --- a/ext/json/ext/parser/parser.c
65
- +++ b/ext/json/ext/parser/parser.c
66
- @@ -1680,7 +1680,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
67
- if (option_given_p(opts, tmp)) {
68
- json->create_additions = RTEST(rb_hash_aref(opts, tmp));
69
- } else {
70
- - json->create_additions = 1;
71
- + json->create_additions = 0;
72
- }
73
- tmp = ID2SYM(i_create_id);
74
- if (option_given_p(opts, tmp)) {
75
- diff --git a/ext/json/ext/parser/parser.rl b/ext/json/ext/parser/parser.rl
76
- index 20ecc48..f416b2d 100644
77
- --- a/ext/json/ext/parser/parser.rl
78
- +++ b/ext/json/ext/parser/parser.rl
79
- @@ -664,7 +664,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
80
- if (option_given_p(opts, tmp)) {
81
- json->create_additions = RTEST(rb_hash_aref(opts, tmp));
82
- } else {
83
- - json->create_additions = 1;
84
- + json->create_additions = 0;
85
- }
86
- tmp = ID2SYM(i_create_id);
87
- if (option_given_p(opts, tmp)) {
88
- diff --git a/java/src/json/ext/Parser.java b/java/src/json/ext/Parser.java
89
- index 0058f95..95fb9cf 100644
90
- --- a/java/src/json/ext/Parser.java
91
- +++ b/java/src/json/ext/Parser.java
92
- @@ -166,7 +166,7 @@ public class Parser extends RubyObject {
93
- this.symbolizeNames = opts.getBool("symbolize_names", false);
94
- this.quirksMode = opts.getBool("quirks_mode", false);
95
- this.createId = opts.getString("create_id", getCreateId(context));
96
- - this.createAdditions = opts.getBool("create_additions", true);
97
- + this.createAdditions = opts.getBool("create_additions", false);
98
- this.objectClass = opts.getClass("object_class", runtime.getHash());
99
- this.arrayClass = opts.getClass("array_class", runtime.getArray());
100
- this.match_string = opts.getHash("match_string");
101
- @@ -1617,14 +1617,14 @@ static final int JSON_array_en_main = 1;
102
- }
103
-
104
-
105
- -// line 1623 "Parser.java"
106
- +// line 1621 "Parser.java"
107
- {
108
- cs = JSON_array_start;
109
- }
110
-
111
- -// line 714 "Parser.rl"
112
- +// line 712 "Parser.rl"
113
-
114
- -// line 1630 "Parser.java"
115
- +// line 1628 "Parser.java"
116
- {
117
- int _klen;
118
- int _trans = 0;
119
- @@ -1728,7 +1728,7 @@ case 1:
120
- { p += 1; _goto_targ = 5; if (true) continue _goto;}
121
- }
122
- break;
123
- -// line 1734 "Parser.java"
124
- +// line 1732 "Parser.java"
125
- }
126
- }
127
- }
128
- @@ -1748,7 +1748,7 @@ case 5:
129
- break; }
130
- }
131
-
132
- -// line 715 "Parser.rl"
133
- +// line 713 "Parser.rl"
134
-
135
- if (cs >= JSON_array_first_final) {
136
- res.update(result, p + 1);
137
- @@ -1758,7 +1758,7 @@ case 5:
138
- }
139
-
140
-
141
- -// line 1764 "Parser.java"
142
- +// line 1762 "Parser.java"
143
- private static byte[] init__JSON_object_actions_0()
144
- {
145
- return new byte [] {
146
- @@ -1881,7 +1881,7 @@ static final int JSON_object_error = 0;
147
- static final int JSON_object_en_main = 1;
148
-
149
-
150
- -// line 774 "Parser.rl"
151
- +// line 772 "Parser.rl"
152
-
153
-
154
- void parseObject(ParserResult res, int p, int pe) {
155
- @@ -1906,14 +1906,14 @@ static final int JSON_object_en_main = 1;
156
- }
157
-
158
-
159
- -// line 1912 "Parser.java"
160
- +// line 1910 "Parser.java"
161
- {
162
- cs = JSON_object_start;
163
- }
164
-
165
- -// line 798 "Parser.rl"
166
- +// line 796 "Parser.rl"
167
-
168
- -// line 1919 "Parser.java"
169
- +// line 1917 "Parser.java"
170
- {
171
- int _klen;
172
- int _trans = 0;
173
- @@ -1994,7 +1994,7 @@ case 1:
174
- switch ( _JSON_object_actions[_acts++] )
175
- {
176
- case 0:
177
- -// line 729 "Parser.rl"
178
- +// line 727 "Parser.rl"
179
- {
180
- parseValue(res, p, pe);
181
- if (res.result == null) {
182
- @@ -2011,7 +2011,7 @@ case 1:
183
- }
184
- break;
185
- case 1:
186
- -// line 744 "Parser.rl"
187
- +// line 742 "Parser.rl"
188
- {
189
- parseString(res, p, pe);
190
- if (res.result == null) {
191
- @@ -2031,13 +2031,13 @@ case 1:
192
- }
193
- break;
194
- case 2:
195
- -// line 762 "Parser.rl"
196
- +// line 760 "Parser.rl"
197
- {
198
- p--;
199
- { p += 1; _goto_targ = 5; if (true) continue _goto;}
200
- }
201
- break;
202
- -// line 2043 "Parser.java"
203
- +// line 2041 "Parser.java"
204
- }
205
- }
206
- }
207
- @@ -2057,7 +2057,7 @@ case 5:
208
- break; }
209
- }
210
-
211
- -// line 799 "Parser.rl"
212
- +// line 797 "Parser.rl"
213
-
214
- if (cs < JSON_object_first_final) {
215
- res.update(null, p + 1);
216
- @@ -2090,7 +2090,7 @@ case 5:
217
- }
218
-
219
-
220
- -// line 2096 "Parser.java"
221
- +// line 2094 "Parser.java"
222
- private static byte[] init__JSON_actions_0()
223
- {
224
- return new byte [] {
225
- @@ -2194,7 +2194,7 @@ static final int JSON_error = 0;
226
- static final int JSON_en_main = 1;
227
-
228
-
229
- -// line 864 "Parser.rl"
230
- +// line 862 "Parser.rl"
231
-
232
-
233
- public IRubyObject parseStrict() {
234
- @@ -2204,16 +2204,16 @@ static final int JSON_en_main = 1;
235
- ParserResult res = new ParserResult();
236
-
237
-
238
- -// line 2210 "Parser.java"
239
- +// line 2208 "Parser.java"
240
- {
241
- cs = JSON_start;
242
- }
243
-
244
- -// line 873 "Parser.rl"
245
- +// line 871 "Parser.rl"
246
- p = byteList.begin();
247
- pe = p + byteList.length();
248
-
249
- -// line 2219 "Parser.java"
250
- +// line 2217 "Parser.java"
251
- {
252
- int _klen;
253
- int _trans = 0;
254
- @@ -2294,7 +2294,7 @@ case 1:
255
- switch ( _JSON_actions[_acts++] )
256
- {
257
- case 0:
258
- -// line 836 "Parser.rl"
259
- +// line 834 "Parser.rl"
260
- {
261
- currentNesting = 1;
262
- parseObject(res, p, pe);
263
- @@ -2308,7 +2308,7 @@ case 1:
264
- }
265
- break;
266
- case 1:
267
- -// line 848 "Parser.rl"
268
- +// line 846 "Parser.rl"
269
- {
270
- currentNesting = 1;
271
- parseArray(res, p, pe);
272
- @@ -2321,7 +2321,7 @@ case 1:
273
- }
274
- }
275
- break;
276
- -// line 2327 "Parser.java"
277
- +// line 2325 "Parser.java"
278
- }
279
- }
280
- }
281
- @@ -2341,7 +2341,7 @@ case 5:
282
- break; }
283
- }
284
-
285
- -// line 876 "Parser.rl"
286
- +// line 874 "Parser.rl"
287
-
288
- if (cs >= JSON_first_final && p == pe) {
289
- return result;
290
- @@ -2351,7 +2351,7 @@ case 5:
291
- }
292
-
293
-
294
- -// line 2357 "Parser.java"
295
- +// line 2355 "Parser.java"
296
- private static byte[] init__JSON_quirks_mode_actions_0()
297
- {
298
- return new byte [] {
299
- @@ -2454,7 +2454,7 @@ static final int JSON_quirks_mode_error = 0;
300
- static final int JSON_quirks_mode_en_main = 1;
301
-
302
-
303
- -// line 904 "Parser.rl"
304
- +// line 902 "Parser.rl"
305
-
306
-
307
- public IRubyObject parseQuirksMode() {
308
- @@ -2464,16 +2464,16 @@ static final int JSON_quirks_mode_en_main = 1;
309
- ParserResult res = new ParserResult();
310
-
311
-
312
- -// line 2470 "Parser.java"
313
- +// line 2468 "Parser.java"
314
- {
315
- cs = JSON_quirks_mode_start;
316
- }
317
-
318
- -// line 913 "Parser.rl"
319
- +// line 911 "Parser.rl"
320
- p = byteList.begin();
321
- pe = p + byteList.length();
322
-
323
- -// line 2479 "Parser.java"
324
- +// line 2477 "Parser.java"
325
- {
326
- int _klen;
327
- int _trans = 0;
328
- @@ -2554,7 +2554,7 @@ case 1:
329
- switch ( _JSON_quirks_mode_actions[_acts++] )
330
- {
331
- case 0:
332
- -// line 890 "Parser.rl"
333
- +// line 888 "Parser.rl"
334
- {
335
- parseValue(res, p, pe);
336
- if (res.result == null) {
337
- @@ -2566,7 +2566,7 @@ case 1:
338
- }
339
- }
340
- break;
341
- -// line 2572 "Parser.java"
342
- +// line 2570 "Parser.java"
343
- }
344
- }
345
- }
346
- @@ -2586,7 +2586,7 @@ case 5:
347
- break; }
348
- }
349
-
350
- -// line 916 "Parser.rl"
351
- +// line 914 "Parser.rl"
352
-
353
- if (cs >= JSON_quirks_mode_first_final && p == pe) {
354
- return result;
355
- diff --git a/java/src/json/ext/Parser.rl b/java/src/json/ext/Parser.rl
356
- index 6d9d4f9..4c54cf9 100644
357
- --- a/java/src/json/ext/Parser.rl
358
- +++ b/java/src/json/ext/Parser.rl
359
- @@ -164,7 +164,7 @@ public class Parser extends RubyObject {
360
- this.symbolizeNames = opts.getBool("symbolize_names", false);
361
- this.quirksMode = opts.getBool("quirks_mode", false);
362
- this.createId = opts.getString("create_id", getCreateId(context));
363
- - this.createAdditions = opts.getBool("create_additions", true);
364
- + this.createAdditions = opts.getBool("create_additions", false);
365
- this.objectClass = opts.getClass("object_class", runtime.getHash());
366
- this.arrayClass = opts.getClass("array_class", runtime.getArray());
367
- this.match_string = opts.getHash("match_string");
368
- diff --git a/json.gemspec b/json.gemspec
369
- index 860f10e..7f7b641 100644
370
- --- a/json.gemspec
371
- +++ b/json.gemspec
372
- @@ -2,21 +2,21 @@
373
-
374
- Gem::Specification.new do |s|
375
- s.name = "json"
376
- - s.version = "1.6.7"
377
- + s.version = "1.6.8"
378
-
379
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
380
- s.authors = ["Florian Frank"]
381
- - s.date = "2012-04-28"
382
- + s.date = "2013-02-10"
383
- s.description = "This is a JSON implementation as a Ruby extension in C."
384
- s.email = "flori@ping.de"
385
- - s.extensions = ["ext/json/ext/parser/extconf.rb", "ext/json/ext/generator/extconf.rb"]
386
- + s.extensions = ["ext/json/ext/generator/extconf.rb", "ext/json/ext/parser/extconf.rb"]
387
- s.extra_rdoc_files = ["README.rdoc"]
388
- s.files = [".gitignore", ".travis.yml", "CHANGES", "COPYING", "COPYING-json-jruby", "GPL", "Gemfile", "README-json-jruby.markdown", "README.rdoc", "Rakefile", "TODO", "VERSION", "data/example.json", "data/index.html", "data/prototype.js", "diagrams/.keep", "ext/json/ext/fbuffer/fbuffer.h", "ext/json/ext/generator/extconf.rb", "ext/json/ext/generator/generator.c", "ext/json/ext/generator/generator.h", "ext/json/ext/parser/extconf.rb", "ext/json/ext/parser/parser.c", "ext/json/ext/parser/parser.h", "ext/json/ext/parser/parser.rl", "install.rb", "java/src/json/ext/ByteListTranscoder.java", "java/src/json/ext/Generator.java", "java/src/json/ext/GeneratorMethods.java", "java/src/json/ext/GeneratorService.java", "java/src/json/ext/GeneratorState.java", "java/src/json/ext/OptionsReader.java", "java/src/json/ext/Parser.java", "java/src/json/ext/Parser.rl", "java/src/json/ext/ParserService.java", "java/src/json/ext/RuntimeInfo.java", "java/src/json/ext/StringDecoder.java", "java/src/json/ext/StringEncoder.java", "java/src/json/ext/Utils.java", "json-java.gemspec", "json.gemspec", "json_pure.gemspec", "lib/json.rb", "lib/json/add/bigdecimal.rb", "lib/json/add/complex.rb", "lib/json/add/core.rb", "lib/json/add/date.rb", "lib/json/add/date_time.rb", "lib/json/add/exception.rb", "lib/json/add/ostruct.rb", "lib/json/add/range.rb", "lib/json/add/rational.rb", "lib/json/add/regexp.rb", "lib/json/add/struct.rb", "lib/json/add/symbol.rb", "lib/json/add/time.rb", "lib/json/common.rb", "lib/json/ext.rb", "lib/json/ext/.keep", "lib/json/light_object.rb", "lib/json/pure.rb", "lib/json/pure/generator.rb", "lib/json/pure/parser.rb", "lib/json/version.rb", "tests/fixtures/fail1.json", "tests/fixtures/fail10.json", "tests/fixtures/fail11.json", "tests/fixtures/fail12.json", "tests/fixtures/fail13.json", "tests/fixtures/fail14.json", "tests/fixtures/fail18.json", "tests/fixtures/fail19.json", "tests/fixtures/fail2.json", "tests/fixtures/fail20.json", "tests/fixtures/fail21.json", "tests/fixtures/fail22.json", "tests/fixtures/fail23.json", "tests/fixtures/fail24.json", "tests/fixtures/fail25.json", "tests/fixtures/fail27.json", "tests/fixtures/fail28.json", "tests/fixtures/fail3.json", "tests/fixtures/fail4.json", "tests/fixtures/fail5.json", "tests/fixtures/fail6.json", "tests/fixtures/fail7.json", "tests/fixtures/fail8.json", "tests/fixtures/fail9.json", "tests/fixtures/pass1.json", "tests/fixtures/pass15.json", "tests/fixtures/pass16.json", "tests/fixtures/pass17.json", "tests/fixtures/pass2.json", "tests/fixtures/pass26.json", "tests/fixtures/pass3.json", "tests/setup_variant.rb", "tests/test_json.rb", "tests/test_json_addition.rb", "tests/test_json_encoding.rb", "tests/test_json_fixtures.rb", "tests/test_json_generate.rb", "tests/test_json_string_matching.rb", "tests/test_json_unicode.rb", "tools/fuzz.rb", "tools/server.rb", "./tests/test_json_string_matching.rb", "./tests/test_json_fixtures.rb", "./tests/test_json_unicode.rb", "./tests/test_json_addition.rb", "./tests/test_json_generate.rb", "./tests/test_json_encoding.rb", "./tests/test_json.rb"]
389
- s.homepage = "http://flori.github.com/json"
390
- s.rdoc_options = ["--title", "JSON implemention for Ruby", "--main", "README.rdoc"]
391
- s.require_paths = ["ext/json/ext", "ext", "lib"]
392
- s.rubyforge_project = "json"
393
- - s.rubygems_version = "1.8.23"
394
- + s.rubygems_version = "1.8.25"
395
- s.summary = "JSON Implementation for Ruby"
396
- s.test_files = ["./tests/test_json_string_matching.rb", "./tests/test_json_fixtures.rb", "./tests/test_json_unicode.rb", "./tests/test_json_addition.rb", "./tests/test_json_generate.rb", "./tests/test_json_encoding.rb", "./tests/test_json.rb"]
397
-
398
- diff --git a/json_pure.gemspec b/json_pure.gemspec
399
- index 5383c3c..c0f4f23 100644
400
- --- a/json_pure.gemspec
401
- +++ b/json_pure.gemspec
402
- @@ -2,11 +2,11 @@
403
-
404
- Gem::Specification.new do |s|
405
- s.name = "json_pure"
406
- - s.version = "1.6.7"
407
- + s.version = "1.6.8"
408
-
409
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
410
- s.authors = ["Florian Frank"]
411
- - s.date = "2012-04-28"
412
- + s.date = "2013-02-10"
413
- s.description = "This is a JSON implementation in pure Ruby."
414
- s.email = "flori@ping.de"
415
- s.extra_rdoc_files = ["README.rdoc"]
416
- @@ -15,7 +15,7 @@ Gem::Specification.new do |s|
417
- s.rdoc_options = ["--title", "JSON implemention for ruby", "--main", "README.rdoc"]
418
- s.require_paths = ["lib"]
419
- s.rubyforge_project = "json"
420
- - s.rubygems_version = "1.8.23"
421
- + s.rubygems_version = "1.8.25"
422
- s.summary = "JSON Implementation for Ruby"
423
- s.test_files = ["./tests/test_json_string_matching.rb", "./tests/test_json_fixtures.rb", "./tests/test_json_unicode.rb", "./tests/test_json_addition.rb", "./tests/test_json_generate.rb", "./tests/test_json_encoding.rb", "./tests/test_json.rb"]
424
-
425
- diff --git a/lib/json/common.rb b/lib/json/common.rb
426
- index e8e76b6..7fd2db3 100644
427
- --- a/lib/json/common.rb
428
- +++ b/lib/json/common.rb
429
- @@ -293,21 +293,28 @@ module JSON
430
- attr_accessor :load_default_options
431
- end
432
- self.load_default_options = {
433
- - :max_nesting => false,
434
- - :allow_nan => true,
435
- - :quirks_mode => true,
436
- + :max_nesting => false,
437
- + :allow_nan => true,
438
- + :quirks_mode => true,
439
- + :create_additions => true,
440
- }
441
-
442
- # Load a ruby data structure from a JSON _source_ and return it. A source can
443
- # either be a string-like object, an IO-like object, or an object responding
444
- # to the read method. If _proc_ was given, it will be called with any nested
445
- - # Ruby object as an argument recursively in depth first order. The default
446
- - # options for the parser can be changed via the load_default_options method.
447
- + # Ruby object as an argument recursively in depth first order. To modify the
448
- + # default options pass in the optional _options_ argument as well.
449
- + #
450
- + # BEWARE: This method is meant to serialise data from trusted user input,
451
- + # like from your own database server or clients under your control, it could
452
- + # be dangerous to allow untrusted users to pass JSON sources into it. The
453
- + # default options for the parser can be changed via the load_default_options
454
- + # method.
455
- #
456
- # This method is part of the implementation of the load/dump interface of
457
- # Marshal and YAML.
458
- - def load(source, proc = nil)
459
- - opts = load_default_options
460
- + def load(source, proc = nil, options = {})
461
- + opts = load_default_options.merge options
462
- if source.respond_to? :to_str
463
- source = source.to_str
464
- elsif source.respond_to? :to_io
465
- diff --git a/lib/json/pure/parser.rb b/lib/json/pure/parser.rb
466
- index 84eb67f..70a8edc 100644
467
- --- a/lib/json/pure/parser.rb
468
- +++ b/lib/json/pure/parser.rb
469
- @@ -63,9 +63,9 @@ module JSON
470
- # * *symbolize_names*: If set to true, returns symbols for the names
471
- # (keys) in a JSON object. Otherwise strings are returned, which is also
472
- # the default.
473
- - # * *create_additions*: If set to false, the Parser doesn't create
474
- - # additions even if a matchin class and create_id was found. This option
475
- - # defaults to true.
476
- + # * *create_additions*: If set to true, the Parser creates
477
- + # additions when if a matching class and create_id was found. This
478
- + # option defaults to false.
479
- # * *object_class*: Defaults to Hash
480
- # * *array_class*: Defaults to Array
481
- # * *quirks_mode*: Enables quirks_mode for parser, that is for example
482
- @@ -88,7 +88,7 @@ module JSON
483
- if opts.key?(:create_additions)
484
- @create_additions = !!opts[:create_additions]
485
- else
486
- - @create_additions = true
487
- + @create_additions = false
488
- end
489
- @create_id = @create_additions ? JSON.create_id : nil
490
- @object_class = opts[:object_class] || Hash
491
- diff --git a/lib/json/version.rb b/lib/json/version.rb
492
- index c74e914..d02b58c 100644
493
- --- a/lib/json/version.rb
494
- +++ b/lib/json/version.rb
495
- @@ -1,6 +1,6 @@
496
- module JSON
497
- # JSON version
498
- - VERSION = '1.6.7'
499
- + VERSION = '1.6.8'
500
- VERSION_ARRAY = VERSION.split(/\./).map { |x| x.to_i } # :nodoc:
501
- VERSION_MAJOR = VERSION_ARRAY[0] # :nodoc:
502
- VERSION_MINOR = VERSION_ARRAY[1] # :nodoc:
503
- diff --git a/tests/test_json.rb b/tests/test_json.rb
504
- index 4b4bc55..84c0539 100755
505
- --- a/tests/test_json.rb
506
- +++ b/tests/test_json.rb
507
- @@ -329,12 +329,12 @@ class TestJSON < Test::Unit::TestCase
508
- def test_generate_core_subclasses_with_new_to_json
509
- obj = SubHash2["foo" => SubHash2["bar" => true]]
510
- obj_json = JSON(obj)
511
- - obj_again = JSON(obj_json)
512
- + obj_again = JSON.parse(obj_json, :create_additions => true)
513
- assert_kind_of SubHash2, obj_again
514
- assert_kind_of SubHash2, obj_again['foo']
515
- assert obj_again['foo']['bar']
516
- assert_equal obj, obj_again
517
- - assert_equal ["foo"], JSON(JSON(SubArray2["foo"]))
518
- + assert_equal ["foo"], JSON(JSON(SubArray2["foo"]), :create_additions => true)
519
- end
520
-
521
- def test_generate_core_subclasses_with_default_to_json
522
- @@ -493,6 +493,12 @@ EOT
523
- assert_equal nil, JSON.load('')
524
- end
525
-
526
- + def test_load_with_options
527
- + small_hash = JSON("foo" => 'bar')
528
- + symbol_hash = { :foo => 'bar' }
529
- + assert_equal symbol_hash, JSON.load(small_hash, nil, :symbolize_names => true)
530
- + end
531
- +
532
- def test_dump
533
- too_deep = '[[[[[[[[[[[[[[[[[[[[]]]]]]]]]]]]]]]]]]]]'
534
- assert_equal too_deep, JSON.dump(eval(too_deep))
535
- diff --git a/tests/test_json_addition.rb b/tests/test_json_addition.rb
536
- index cf80866..824a1fa 100755
537
- --- a/tests/test_json_addition.rb
538
- +++ b/tests/test_json_addition.rb
539
- @@ -73,11 +73,19 @@ class TestJSONAddition < Test::Unit::TestCase
540
- a = A.new(666)
541
- assert A.json_creatable?
542
- json = generate(a)
543
- - a_again = JSON.parse(json)
544
- + a_again = JSON.parse(json, :create_additions => true)
545
- assert_kind_of a.class, a_again
546
- assert_equal a, a_again
547
- end
548
-
549
- + def test_extended_json_default
550
- + a = A.new(666)
551
- + assert A.json_creatable?
552
- + json = generate(a)
553
- + a_hash = JSON.parse(json)
554
- + assert_kind_of Hash, a_hash
555
- + end
556
- +
557
- def test_extended_json_disabled
558
- a = A.new(666)
559
- assert A.json_creatable?
560
- @@ -104,7 +112,7 @@ class TestJSONAddition < Test::Unit::TestCase
561
- c = C.new
562
- assert !C.json_creatable?
563
- json = generate(c)
564
- - assert_raises(ArgumentError, NameError) { JSON.parse(json) }
565
- + assert_raises(ArgumentError, NameError) { JSON.parse(json, :create_additions => true) }
566
- end
567
-
568
- def test_raw_strings
569
- @@ -122,7 +130,7 @@ class TestJSONAddition < Test::Unit::TestCase
570
- assert_match(/\A\{.*\}\Z/, json)
571
- assert_match(/"json_class":"String"/, json)
572
- assert_match(/"raw":\[0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255\]/, json)
573
- - raw_again = JSON.parse(json)
574
- + raw_again = JSON.parse(json, :create_additions => true)
575
- assert_equal raw, raw_again
576
- end
577
-
578
- @@ -130,17 +138,17 @@ class TestJSONAddition < Test::Unit::TestCase
579
-
580
- def test_core
581
- t = Time.now
582
- - assert_equal t, JSON(JSON(t))
583
- + assert_equal t, JSON(JSON(t), :create_additions => true)
584
- d = Date.today
585
- - assert_equal d, JSON(JSON(d))
586
- + assert_equal d, JSON(JSON(d), :create_additions => true)
587
- d = DateTime.civil(2007, 6, 14, 14, 57, 10, Rational(1, 12), 2299161)
588
- - assert_equal d, JSON(JSON(d))
589
- - assert_equal 1..10, JSON(JSON(1..10))
590
- - assert_equal 1...10, JSON(JSON(1...10))
591
- - assert_equal "a".."c", JSON(JSON("a".."c"))
592
- - assert_equal "a"..."c", JSON(JSON("a"..."c"))
593
- + assert_equal d, JSON(JSON(d), :create_additions => true)
594
- + assert_equal 1..10, JSON(JSON(1..10), :create_additions => true)
595
- + assert_equal 1...10, JSON(JSON(1...10), :create_additions => true)
596
- + assert_equal "a".."c", JSON(JSON("a".."c"), :create_additions => true)
597
- + assert_equal "a"..."c", JSON(JSON("a"..."c"), :create_additions => true)
598
- s = MyJsonStruct.new 4711, 'foot'
599
- - assert_equal s, JSON(JSON(s))
600
- + assert_equal s, JSON(JSON(s), :create_additions => true)
601
- struct = Struct.new :foo, :bar
602
- s = struct.new 4711, 'foot'
603
- assert_raises(JSONError) { JSON(s) }
604
- @@ -148,41 +156,41 @@ class TestJSONAddition < Test::Unit::TestCase
605
- raise TypeError, "test me"
606
- rescue TypeError => e
607
- e_json = JSON.generate e
608
- - e_again = JSON e_json
609
- + e_again = JSON e_json, :create_additions => true
610
- assert_kind_of TypeError, e_again
611
- assert_equal e.message, e_again.message
612
- assert_equal e.backtrace, e_again.backtrace
613
- end
614
- - assert_equal(/foo/, JSON(JSON(/foo/)))
615
- - assert_equal(/foo/i, JSON(JSON(/foo/i)))
616
- + assert_equal(/foo/, JSON(JSON(/foo/), :create_additions => true))
617
- + assert_equal(/foo/i, JSON(JSON(/foo/i), :create_additions => true))
618
- end
619
-
620
- def test_utc_datetime
621
- now = Time.now
622
- - d = DateTime.parse(now.to_s) # usual case
623
- - assert_equal d, JSON.parse(d.to_json)
624
- + d = DateTime.parse(now.to_s, :create_additions => true) # usual case
625
- + assert_equal d, JSON.parse(d.to_json, :create_additions => true)
626
- d = DateTime.parse(now.utc.to_s) # of = 0
627
- - assert_equal d, JSON.parse(d.to_json)
628
- + assert_equal d, JSON.parse(d.to_json, :create_additions => true)
629
- d = DateTime.civil(2008, 6, 17, 11, 48, 32, Rational(1,24))
630
- - assert_equal d, JSON.parse(d.to_json)
631
- + assert_equal d, JSON.parse(d.to_json, :create_additions => true)
632
- d = DateTime.civil(2008, 6, 17, 11, 48, 32, Rational(12,24))
633
- - assert_equal d, JSON.parse(d.to_json)
634
- + assert_equal d, JSON.parse(d.to_json, :create_additions => true)
635
- end
636
-
637
- def test_rational_complex
638
- - assert_equal Rational(2, 9), JSON(JSON(Rational(2, 9)))
639
- - assert_equal Complex(2, 9), JSON(JSON(Complex(2, 9)))
640
- + assert_equal Rational(2, 9), JSON.parse(JSON(Rational(2, 9)), :create_additions => true)
641
- + assert_equal Complex(2, 9), JSON.parse(JSON(Complex(2, 9)), :create_additions => true)
642
- end
643
-
644
- def test_bigdecimal
645
- - assert_equal BigDecimal('3.141', 23), JSON(JSON(BigDecimal('3.141', 23)))
646
- - assert_equal BigDecimal('3.141', 666), JSON(JSON(BigDecimal('3.141', 666)))
647
- + assert_equal BigDecimal('3.141', 23), JSON(JSON(BigDecimal('3.141', 23)), :create_additions => true)
648
- + assert_equal BigDecimal('3.141', 666), JSON(JSON(BigDecimal('3.141', 666)), :create_additions => true)
649
- end
650
-
651
- def test_ostruct
652
- o = OpenStruct.new
653
- # XXX this won't work; o.foo = { :bar => true }
654
- o.foo = { 'bar' => true }
655
- - assert_equal o, JSON(JSON(o))
656
- + assert_equal o, JSON.parse(JSON(o), :create_additions => true)
657
- end
658
- end
659
- diff --git a/tests/test_json_string_matching.rb b/tests/test_json_string_matching.rb
660
- index b8a7169..7f2148e 100644
661
- --- a/tests/test_json_string_matching.rb
662
- +++ b/tests/test_json_string_matching.rb
663
- @@ -27,14 +27,13 @@ class TestJSONStringMatching < Test::Unit::TestCase
664
- t = TestTime.new
665
- t_json = [ t ].to_json
666
- assert_equal [ t ],
667
- - JSON.parse(t_json,
668
- - :match_string => { /\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{4}\Z/ => TestTime })
669
- + JSON.parse(t_json, :create_additions => true,
670
- + :match_string => { /\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{4}\z/ => TestTime })
671
- assert_equal [ t.strftime('%FT%T%z') ],
672
- - JSON.parse(t_json,
673
- - :match_string => { /\A\d{3}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{4}\Z/ => TestTime })
674
- + JSON.parse(t_json, :create_additions => true,
675
- + :match_string => { /\A\d{3}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{4}\z/ => TestTime })
676
- assert_equal [ t.strftime('%FT%T%z') ],
677
- JSON.parse(t_json,
678
- - :match_string => { /\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{4}\Z/ => TestTime },
679
- - :create_additions => false)
680
- + :match_string => { /\A\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{4}\z/ => TestTime })
681
- end
682
- end
683
- --
684
- 1.8.1.2
685
-