RubyGems - json - Versions diffs - 2.16.0 → 2.19.3 - Mend

json 2.16.0 → 2.19.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

checksums.yaml +4 -4
data/CHANGES.md +43 -1
data/ext/json/ext/fbuffer/fbuffer.h +29 -25
data/ext/json/ext/generator/extconf.rb +1 -1
data/ext/json/ext/generator/generator.c +132 -369
data/ext/json/ext/json.h +13 -0
data/ext/json/ext/parser/extconf.rb +1 -2
data/ext/json/ext/parser/parser.c +235 -179
data/ext/json/ext/simd/simd.h +33 -16
data/ext/json/ext/vendor/fpconv.c +3 -3
data/lib/json/common.rb +62 -14
data/lib/json/ext/generator/state.rb +1 -1
data/lib/json/truffle_ruby/generator.rb +34 -18
data/lib/json/version.rb +1 -1
data/lib/json.rb +33 -0
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d8bd00bbc63367659eb90ee7e3f4f1394fecdf713fc724f7908c6a2c7b79bbf7
-  data.tar.gz: efa1d81f687277247649de777f25be01e56ad8dfac1bdd9ce61111e10231185e
+  metadata.gz: 3182d9103a2ee3b673b923a4789e947a9cddb850f870f7fdb54d93f3bd1a5493
+  data.tar.gz: 0ee85345c9e1c99223f9cc3e859e4a7295f40f88461ca0f47059cfcc4e80154c
 SHA512:
-  metadata.gz: cb8b505c08b88115a87aa0b6ab8b7f34d6e0611af7d37277cef243131990db6cb77ca2508045104588607d54bd58b0c2e67ce0728bd72c4c32d2d77a56b9762e
-  data.tar.gz: 8dec0d5ba99f33e68049328f060a600da2fe0545caf47c44c2e812a8316cbe64a99152f365be8654cb4af45493de3bed97baa61a0b2a71ae71a7466d0ee11e8c
+  metadata.gz: dedf64066bc4017b977330468b01613ce1d4a78c267b38519b7ef2705368e5d73187b64ca99777afaf900cc5f58523a722833e83c0ee011944bf15b34c33479e
+  data.tar.gz: c187fa755e0a7bd2e2ddb74498062a8138ac4882630713e3372886b5648a22a453b1a388174038b2d4144a724e1d44d5b444b190e49e3e7eb2047d8b98eef0a8

data/CHANGES.md CHANGED Viewed

@@ -2,6 +2,48 @@
 ### Unreleased
+### 2026-03-25 (2.19.3)
+* Fix handling of unescaped control characters preceeded by a backslash.
+### 2026-03-18 (2.19.2)
+* Fix a format string injection vulnerability in `JSON.parse(doc, allow_duplicate_key: false)`.
+### 2026-03-08 (2.19.1)
+* Fix a compiler dependent GC bug introduced in `2.18.0`.
+### 2026-03-06 (2.19.0)
+* Fix `allow_blank` parsing option to no longer allow invalid types (e.g. `load([], allow_blank: true)` now raise a type error).
+* Add `allow_invalid_escape` parsing option to ignore backslashes that aren't followed by one of the valid escape characters.
+### 2026-02-03 (2.18.1)
+* Fix a potential crash in very specific circumstance if GC triggers during a call to `to_json`
+  without first invoking a user defined `#to_json` method.
+### 2025-12-11 (2.18.0)
+* Add `:allow_control_characters` parser options, to allow JSON strings containing unescaped ASCII control characters (e.g. newlines).
+### 2025-12-04 (2.17.1)
+* Fix a regression in parsing of unicode surogate pairs (`\uXX\uXX`) that could cause an invalid string to be returned.
+### 2025-12-03 (2.17.0)
+* Improve `JSON.load` and `JSON.unsafe_load` to allow passing options as second argument.
+* Fix the parser to no longer ignore invalid escapes in strings.
+  Only `\"`, `\\`, `\b`, `\f`, `\n`, `\r`, `\t` and `\u` are valid JSON escapes.
+* Fixed `JSON::Coder` to use the depth it was initialized with.
+* On TruffleRuby, fix the generator to not call `to_json` on the return value of `as_json` for `Float::NAN`.
+* Fixed handling of `state.depth`: when `to_json` changes `state.depth` but does not restore it, it is reset
+  automatically to its initial value.
+  In particular, when a `NestingError` is raised, `depth` is no longer equal to `max_nesting` after the call to
+  generate, and is reset to its initial value. Similarly when `to_json` raises an exception.
 ### 2025-11-07 (2.16.0)
 * Deprecate `JSON::State#[]` and `JSON::State#[]=`. Consider using `JSON::Coder` instead.
@@ -46,7 +88,7 @@
 * Fix `JSON.generate` `strict: true` mode to also restrict hash keys.
 * Fix `JSON::Coder` to also invoke block for hash keys that aren't strings nor symbols.
 * Fix `JSON.unsafe_load` usage with proc
-* Fix the parser to more consistently reject invalid UTF-16 surogate pairs.
+* Fix the parser to more consistently reject invalid UTF-16 surogate pairs.
 * Stop defining `String.json_create`, `String#to_json_raw`, `String#to_json_raw_object` when `json/add` isn't loaded.
 ### 2025-07-28 (2.13.2)

data/ext/json/ext/fbuffer/fbuffer.h CHANGED Viewed

@@ -11,11 +11,11 @@ enum fbuffer_type {
 typedef struct FBufferStruct {
     enum fbuffer_type type;
-    unsigned long initial_length;
-    unsigned long len;
-    unsigned long capa;
-#ifdef JSON_DEBUG
-    unsigned long requested;
+    size_t initial_length;
+    size_t len;
+    size_t capa;
+#if JSON_DEBUG
+    size_t requested;
 #endif
     char *ptr;
     VALUE io;
@@ -32,12 +32,12 @@ typedef struct FBufferStruct {
 static void fbuffer_free(FBuffer *fb);
 static void fbuffer_clear(FBuffer *fb);
-static void fbuffer_append(FBuffer *fb, const char *newstr, unsigned long len);
+static void fbuffer_append(FBuffer *fb, const char *newstr, size_t len);
 static void fbuffer_append_long(FBuffer *fb, long number);
 static inline void fbuffer_append_char(FBuffer *fb, char newchr);
 static VALUE fbuffer_finalize(FBuffer *fb);
-static void fbuffer_stack_init(FBuffer *fb, unsigned long initial_length, char *stack_buffer, long stack_buffer_size)
+static void fbuffer_stack_init(FBuffer *fb, size_t initial_length, char *stack_buffer, size_t stack_buffer_size)
 {
     fb->initial_length = (initial_length > 0) ? initial_length : FBUFFER_INITIAL_LENGTH_DEFAULT;
     if (stack_buffer) {
@@ -45,14 +45,14 @@ static void fbuffer_stack_init(FBuffer *fb, unsigned long initial_length, char *
         fb->ptr = stack_buffer;
         fb->capa = stack_buffer_size;
     }
-#ifdef JSON_DEBUG
+#if JSON_DEBUG
     fb->requested = 0;
 #endif
 }
-static inline void fbuffer_consumed(FBuffer *fb, unsigned long consumed)
+static inline void fbuffer_consumed(FBuffer *fb, size_t consumed)
 {
-#ifdef JSON_DEBUG
+#if JSON_DEBUG
     if (consumed > fb->requested) {
         rb_bug("fbuffer: Out of bound write");
     }
@@ -79,7 +79,7 @@ static void fbuffer_flush(FBuffer *fb)
     fbuffer_clear(fb);
 }
-static void fbuffer_realloc(FBuffer *fb, unsigned long required)
+static void fbuffer_realloc(FBuffer *fb, size_t required)
 {
     if (required > fb->capa) {
         if (fb->type == FBUFFER_STACK_ALLOCATED) {
@@ -94,7 +94,7 @@ static void fbuffer_realloc(FBuffer *fb, unsigned long required)
     }
 }
-static void fbuffer_do_inc_capa(FBuffer *fb, unsigned long requested)
+static void fbuffer_do_inc_capa(FBuffer *fb, size_t requested)
 {
     if (RB_UNLIKELY(fb->io)) {
         if (fb->capa < FBUFFER_IO_BUFFER_SIZE) {
@@ -108,7 +108,7 @@ static void fbuffer_do_inc_capa(FBuffer *fb, unsigned long requested)
         }
     }
-    unsigned long required;
+    size_t required;
     if (RB_UNLIKELY(!fb->ptr)) {
         fb->ptr = ALLOC_N(char, fb->initial_length);
@@ -120,9 +120,9 @@ static void fbuffer_do_inc_capa(FBuffer *fb, unsigned long requested)
     fbuffer_realloc(fb, required);
 }
-static inline void fbuffer_inc_capa(FBuffer *fb, unsigned long requested)
+static inline void fbuffer_inc_capa(FBuffer *fb, size_t requested)
 {
-#ifdef JSON_DEBUG
+#if JSON_DEBUG
     fb->requested = requested;
 #endif
@@ -131,13 +131,13 @@ static inline void fbuffer_inc_capa(FBuffer *fb, unsigned long requested)
     }
 }
-static inline void fbuffer_append_reserved(FBuffer *fb, const char *newstr, unsigned long len)
+static inline void fbuffer_append_reserved(FBuffer *fb, const char *newstr, size_t len)
 {
     MEMCPY(fb->ptr + fb->len, newstr, char, len);
     fbuffer_consumed(fb, len);
 }
-static inline void fbuffer_append(FBuffer *fb, const char *newstr, unsigned long len)
+static inline void fbuffer_append(FBuffer *fb, const char *newstr, size_t len)
 {
     if (len > 0) {
         fbuffer_inc_capa(fb, len);
@@ -148,7 +148,7 @@ static inline void fbuffer_append(FBuffer *fb, const char *newstr, unsigned long
 /* Appends a character into a buffer. The buffer needs to have sufficient capacity, via fbuffer_inc_capa(...). */
 static inline void fbuffer_append_reserved_char(FBuffer *fb, char chr)
 {
-#ifdef JSON_DEBUG
+#if JSON_DEBUG
     if (fb->requested < 1) {
         rb_bug("fbuffer: unreserved write");
     }
@@ -161,25 +161,29 @@ static inline void fbuffer_append_reserved_char(FBuffer *fb, char chr)
 static void fbuffer_append_str(FBuffer *fb, VALUE str)
 {
-    const char *newstr = StringValuePtr(str);
-    unsigned long len = RSTRING_LEN(str);
+    const char *ptr;
+    size_t len;
+    RSTRING_GETMEM(str, ptr, len);
-    fbuffer_append(fb, newstr, len);
+    fbuffer_append(fb, ptr, len);
+    RB_GC_GUARD(str);
 }
 static void fbuffer_append_str_repeat(FBuffer *fb, VALUE str, size_t repeat)
 {
-    const char *newstr = StringValuePtr(str);
-    unsigned long len = RSTRING_LEN(str);
+    const char *ptr;
+    size_t len;
+    RSTRING_GETMEM(str, ptr, len);
     fbuffer_inc_capa(fb, repeat * len);
     while (repeat) {
-#ifdef JSON_DEBUG
+#if JSON_DEBUG
         fb->requested = len;
 #endif
-        fbuffer_append_reserved(fb, newstr, len);
+        fbuffer_append_reserved(fb, ptr, len);
         repeat--;
     }
+    RB_GC_GUARD(str);
 }
 static inline void fbuffer_append_char(FBuffer *fb, char newchr)

data/ext/json/ext/generator/extconf.rb CHANGED Viewed

@@ -6,7 +6,7 @@ if RUBY_ENGINE == 'truffleruby'
 else
   append_cflags("-std=c99")
   $defs << "-DJSON_GENERATOR"
-  $defs << "-DJSON_DEBUG" if ENV["JSON_DEBUG"]
+  $defs << "-DJSON_DEBUG" if ENV.fetch("JSON_DEBUG", "0") != "0"
   if enable_config('generator-use-simd', default=!ENV["JSON_DISABLE_SIMD"])
     load __dir__ + "/../simd/conf.rb"