RubyGems - oj - Versions diffs - 2.9.7 → 2.9.8 - Mend

oj 2.9.7 → 2.9.8

Potentially problematic release.

This version of oj might be problematic. Click here for more details.

Files changed (11) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 46cf0f951fe71b68f7df69debe2b80be4fa37539
-  data.tar.gz: 3988bbf389028c52969cdd2702671b37d78a7f9f
+  metadata.gz: 080ee5fb844d326ce444282c5df529a135cf125b
+  data.tar.gz: 6461af3c663d8974e0eea8c8b4e3e811500a7397
 SHA512:
-  metadata.gz: 0a2e47552a218ebe9d1c0e58e134fa1a5eb36ad0754e72c638d15a528ff12093b5cc1a7587ab61c4491ea046a4c5186562f2f0916f936485a6b31296ba37de0a
-  data.tar.gz: d996faa5d574f3e5146e872bb4e863f2a286d6b9017d2679db7d570154341f4d0813bd06db5bf672e704d73a184c14769e653280a032e6286286035e71acd76d
+  metadata.gz: 5e241a43f3b733fad07606b48f36ec364fce3a516d59596e9684fd7d87bcbc45ea07321ed37719d95f6803d53877f76443813559a42b6c0c86b0f07d19bd0ee6
+  data.tar.gz: a01b9b8f1f84de6297b5d240c96680dd212851a95d55d6ffced9b1cd79c98553c29e4a9b7358e4c8f2bcc0b080a855cab85dc17cf30bdf9f4f562bf91f5d459c

data/README.md CHANGED

@@ -26,31 +26,12 @@ Follow [@peterohler on Twitter](http://twitter.com/#!/peterohler) for announceme
 [![Build Status](https://secure.travis-ci.org/ohler55/oj.png?branch=master)](http://travis-ci.org/ohler55/oj)
-### Current Release 2.9.7
+### Current Release 2.9.8
- - Changed dump to use raw / and raw \n in output instead of escaping.
+ - Changed escaping back to previous release and added a new escape mode.
- - Changed the writer to always put a new line at the end of a top level JSON
-   object. It makes output easier to view and edit with minimal impact on size.
- - TBD Worked around the file.gets look ahead caching as long as it is not
-   called while parsing (of course).
- - Thanks to lautis for a new parse option. quirks_mode allows Oj to behave
-   quirky like the JSON gem. Actually the JSON gem has it backwards with quirky
-   mode supporting the JSON spec and non-quirky limiting parsing to objects and
-   arrays. Oj stays consistent with the JSON gem to avoid confusion.
- - Fixed problem with sc_parse not terminating the string when loaded from a file.
- - Thanks go to dchelimsky for expanding the code sample for the ScHandler.
-### Release 2.9.6
- - Fixed bug using StringIO with SCParser.
- - Tightened up JSON mimic to raise an exception if JSON.parse is called on
-   a JSON documents that returns a primitive type.
+ - Strict mode and compat mode no longer parse Infinity or NaN as a valid
+   number. Both are valid in object mode still.
 [Older release notes](http://www.ohler.com/dev/oj_misc/release_notes.html).

data/ext/oj/dump.c CHANGED

@@ -111,7 +111,8 @@ static void	dump_leaf_hash(Leaf leaf, int depth, Out out);
 static const char	hex_chars[17] = "0123456789abcdef";
-static char	hibit_friendly_chars[256] = "\
+// JSON standard except newlines are no escaped
+static char	newline_friendly_chars[256] = "\
 66666666221622666666666666666666\
 11211111111111111111111111111111\
 11111111111111111111111111112111\
@@ -121,6 +122,17 @@ static char	hibit_friendly_chars[256] = "\
 11111111111111111111111111111111\
 11111111111111111111111111111111";
+// JSON standard
+static char	hibit_friendly_chars[256] = "\
+66666666222622666666666666666666\
+11211111111111111111111111111111\
+11111111111111111111111111112111\
+11111111111111111111111111111111\
+11111111111111111111111111111111\
+11111111111111111111111111111111\
+11111111111111111111111111111111\
+11111111111111111111111111111111";
 // High bit set characters are always encoded as unicode. Worse case is 3
 // bytes per character in the output. That makes this conservative.
 static char	ascii_friendly_chars[256] = "\
@@ -133,6 +145,7 @@ static char	ascii_friendly_chars[256] = "\
 33333333333333333333333333333333\
 33333333333333333333333333333333";
+// XSS safe mode
 static char	xss_friendly_chars[256] = "\
 66666666222622666666666666666666\
 11211161111111121111111111116161\
@@ -143,6 +156,16 @@ static char	xss_friendly_chars[256] = "\
 33333333333333333333333333333333\
 33333333333333333333333333333333";
+inline static size_t
+newline_friendly_size(const uint8_t *str, size_t len) {
+    size_t	size = 0;
+    for (; 0 < len; str++, len--) {
+	size += newline_friendly_chars[*str];
+    }
+    return size - len * (size_t)'0';
+}
 inline static size_t
 hibit_friendly_size(const uint8_t *str, size_t len) {
     size_t	size = 0;
@@ -462,6 +485,10 @@ dump_cstr(const char *str, size_t cnt, int is_sym, int escape1, Out out) {
     char	*cmap;
     switch (out->opts->escape_mode) {
+    case NLEsc:
+	cmap = newline_friendly_chars;
+	size = newline_friendly_size((uint8_t*)str, cnt);
+	break;
     case ASCIIEsc:
 	cmap = ascii_friendly_chars;
 	size = ascii_friendly_size((uint8_t*)str, cnt);

data/ext/oj/object.c CHANGED

@@ -517,11 +517,21 @@ array_append_cstr(ParseInfo pi, const char *str, size_t len, const char *orig) {
     rb_ary_push(stack_peek(&pi->stack)->val, str_to_value(pi, str, len, orig));
 }
+static void
+array_append_num(ParseInfo pi, NumInfo ni) {
+    rb_ary_push(stack_peek(&pi->stack)->val, oj_num_as_value(ni));
+}
 static void
 add_cstr(ParseInfo pi, const char *str, size_t len, const char *orig) {
     pi->stack.head->val = str_to_value(pi, str, len, orig);
 }
+static void
+add_num(ParseInfo pi, NumInfo ni) {
+    pi->stack.head->val = oj_num_as_value(ni);
+}
 void
 oj_set_object_callbacks(ParseInfo pi) {
     oj_set_strict_callbacks(pi);
@@ -531,7 +541,9 @@ oj_set_object_callbacks(ParseInfo pi) {
     pi->hash_set_num = hash_set_num;
     pi->hash_set_value = hash_set_value;
     pi->add_cstr = add_cstr;
+    pi->add_num = add_num;
     pi->array_append_cstr = array_append_cstr;
+    pi->array_append_num = array_append_num;
 }
 VALUE
@@ -560,7 +572,9 @@ oj_object_parse_cstr(int argc, VALUE *argv, char *json, size_t len) {
     pi.hash_set_num = hash_set_num;
     pi.hash_set_value = hash_set_value;
     pi.add_cstr = add_cstr;
+    pi.add_num = add_num;
     pi.array_append_cstr = array_append_cstr;
+    pi.array_append_num = array_append_num;
     return oj_pi_parse(argc, argv, &pi, json, len, 1);
 }

data/ext/oj/oj.c CHANGED

@@ -114,6 +114,7 @@ static VALUE	float_sym;
 static VALUE	indent_sym;
 static VALUE	json_sym;
 static VALUE	mode_sym;
+static VALUE	newline_sym;
 static VALUE	nilnil_sym;
 static VALUE	null_sym;
 static VALUE	object_sym;
@@ -180,7 +181,7 @@ static VALUE	define_mimic_json(int argc, VALUE *argv, VALUE self);
  * - circular: [true|false|nil] support circular references while dumping
  * - auto_define: [true|false|nil] automatically define classes if they do not exist
  * - symbol_keys: [true|false|nil] use symbols instead of strings for hash keys
- * - escape_mode: [:json|:xss_safe|:ascii|nil] determines the characters to escape
+ * - escape_mode: [:newline|:json|:xss_safe|:ascii|nil] determines the characters to escape
  * - class_cache: [true|false|nil] cache classes for faster parsing (if dynamically modifying classes or reloading classes then don't use this)
  * - mode: [:object|:strict|:compat|:null] load and dump modes to use for JSON
  * - time_format: [:unix|:xmlschema|:ruby] time format when dumping in :compat mode
@@ -217,6 +218,7 @@ get_def_opts(VALUE self) {
     default:		rb_hash_aset(opts, mode_sym, object_sym);	break;
     }
     switch (oj_default_options.escape_mode) {
+    case NLEsc:		rb_hash_aset(opts, escape_mode_sym, newline_sym);	break;
     case JSONEsc:	rb_hash_aset(opts, escape_mode_sym, json_sym);		break;
     case XSSEsc:	rb_hash_aset(opts, escape_mode_sym, xss_safe_sym);	break;
     case ASCIIEsc:	rb_hash_aset(opts, escape_mode_sym, ascii_sym);		break;
@@ -248,8 +250,9 @@ get_def_opts(VALUE self) {
  * @param [true|false|nil] :auto_define automatically define classes if they do not exist
  * @param [true|false|nil] :symbol_keys convert hash keys to symbols
  * @param [true|false|nil] :class_cache cache classes for faster parsing
- * @param [:json|:xss_safe|:ascii|nil] :escape mode encodes all high-bit characters as
+ * @param [:newline|:json|:xss_safe|:ascii|nil] :escape mode encodes all high-bit characters as
  *        escaped sequences if :ascii, :json is standand UTF-8 JSON encoding,
+ *        :newline is the same as :json but newlines are not escaped,
  *        and :xss_safe escapes &, <, and >, and some others.
  * @param [true|false|nil] :bigdecimal_as_decimal dump BigDecimal as a decimal number or as a String
  * @param [:bigdecimal|:float|:auto|nil] :bigdecimal_load load decimals as BigDecimal instead of as a Float. :auto pick the most precise for the number of digits.
@@ -341,6 +344,8 @@ set_def_opts(VALUE self, VALUE opts) {
     v = rb_hash_lookup(opts, escape_mode_sym);
     if (Qnil == v) {
 	// ignore
+    } else if (newline_sym == v) {
+	oj_default_options.escape_mode = NLEsc;
     } else if (json_sym == v) {
 	oj_default_options.escape_mode = JSONEsc;
     } else if (xss_safe_sym == v) {
@@ -471,14 +476,16 @@ oj_parse_options(VALUE ropts, Options copts) {
 	}
 	if (Qnil != (v = rb_hash_lookup(ropts, escape_mode_sym))) {
-	    if (json_sym == v) {
+	    if (newline_sym == v) {
+		copts->escape_mode = NLEsc;
+	    } else if (json_sym == v) {
 		copts->escape_mode = JSONEsc;
 	    } else if (xss_safe_sym == v) {
 		copts->escape_mode = XSSEsc;
 	    } else if (ascii_sym == v) {
 		copts->escape_mode = ASCIIEsc;
 	    } else {
-		rb_raise(rb_eArgError, ":encoding must be :json, :rails, or :ascii.");
+		rb_raise(rb_eArgError, ":encoding must be :newline, :json, :xss_safe, or :ascii.");
 	    }
 	}
@@ -1993,7 +2000,6 @@ void Init_oj() {
     bigdecimal_load_sym = ID2SYM(rb_intern("bigdecimal_load"));rb_gc_register_address(&bigdecimal_load_sym);
     bigdecimal_sym = ID2SYM(rb_intern("bigdecimal"));	rb_gc_register_address(&bigdecimal_sym);
     circular_sym = ID2SYM(rb_intern("circular"));	rb_gc_register_address(&circular_sym);
-    nilnil_sym = ID2SYM(rb_intern("nilnil"));		rb_gc_register_address(&nilnil_sym);
     class_cache_sym = ID2SYM(rb_intern("class_cache"));	rb_gc_register_address(&class_cache_sym);
     compat_sym = ID2SYM(rb_intern("compat"));		rb_gc_register_address(&compat_sym);
     create_id_sym = ID2SYM(rb_intern("create_id"));	rb_gc_register_address(&create_id_sym);
@@ -2002,6 +2008,8 @@ void Init_oj() {
     indent_sym = ID2SYM(rb_intern("indent"));		rb_gc_register_address(&indent_sym);
     json_sym = ID2SYM(rb_intern("json"));		rb_gc_register_address(&json_sym);
     mode_sym = ID2SYM(rb_intern("mode"));		rb_gc_register_address(&mode_sym);
+    newline_sym = ID2SYM(rb_intern("newline"));		rb_gc_register_address(&newline_sym);
+    nilnil_sym = ID2SYM(rb_intern("nilnil"));		rb_gc_register_address(&nilnil_sym);
     null_sym = ID2SYM(rb_intern("null"));		rb_gc_register_address(&null_sym);
     object_sym = ID2SYM(rb_intern("object"));		rb_gc_register_address(&object_sym);
     quirks_mode_sym = ID2SYM(rb_intern("quirks_mode"));	rb_gc_register_address(&quirks_mode_sym);

data/ext/oj/oj.h CHANGED

@@ -87,6 +87,7 @@ typedef enum {
 } TimeFormat;
 typedef enum {
+    NLEsc	= 'n',
     JSONEsc	= 'j',
     XSSEsc	= 'x',
     ASCIIEsc	= 'a'

data/ext/oj/strict.c CHANGED

@@ -38,9 +38,6 @@
 #include "parse.h"
 #include "encode.h"
-// Workaround in case INFINITY is not defined in math.h or if the OS is CentOS
-#define OJ_INFINITY (1.0/0.0)
 static void
 noop_end(struct _ParseInfo *pi) {
 }
@@ -60,6 +57,9 @@ add_cstr(ParseInfo pi, const char *str, size_t len, const char *orig) {
 static void
 add_num(ParseInfo pi, NumInfo ni) {
+    if (ni->infinity || ni->nan) {
+	oj_set_error_at(pi, oj_parse_error_class, __FILE__, __LINE__, "not a number or other value");
+    }
     pi->stack.head->val = oj_num_as_value(ni);
 }
@@ -89,6 +89,9 @@ hash_set_cstr(ParseInfo pi, const char *key, size_t klen, const char *str, size_
 static void
 hash_set_num(struct _ParseInfo *pi, const char *key, size_t klen, NumInfo ni) {
+    if (ni->infinity || ni->nan) {
+	oj_set_error_at(pi, oj_parse_error_class, __FILE__, __LINE__, "not a number or other value");
+    }
     rb_hash_aset(stack_peek(&pi->stack)->val, hash_key(pi, key, klen), oj_num_as_value(ni));
 }
@@ -112,6 +115,9 @@ array_append_cstr(ParseInfo pi, const char *str, size_t len, const char *orig) {
 static void
 array_append_num(ParseInfo pi, NumInfo ni) {
+    if (ni->infinity || ni->nan) {
+	oj_set_error_at(pi, oj_parse_error_class, __FILE__, __LINE__, "not a number or other value");
+    }
     rb_ary_push(stack_peek(&pi->stack)->val, oj_num_as_value(ni));
 }

data/lib/oj/version.rb CHANGED

@@ -1,5 +1,5 @@
 module Oj
   # Current version of the module.
-  VERSION = '2.9.7'
+  VERSION = '2.9.8'
 end

data/test/test_file.rb CHANGED

@@ -79,6 +79,8 @@ class FileJuice < Minitest::Test
   end
   def test_float
+    mode = opts = Oj.default_options()[:mode]
+    Oj.default_options = {:mode => :object}
     dump_and_load(0.0, false)
     dump_and_load(12345.6789, false)
     dump_and_load(70.35, false)
@@ -87,6 +89,7 @@ class FileJuice < Minitest::Test
     dump_and_load(2.48e100 * 1.0e10, false)
     dump_and_load(-2.48e100 * 1.0e10, false)
     dump_and_load(1/0.0, false)
+    Oj.default_options = {:mode => mode}
   end
   def test_string

data/test/test_various.rb CHANGED

@@ -167,6 +167,8 @@ class Juice < Minitest::Test
   end
   def test_float
+    mode = opts = Oj.default_options()[:mode]
+    Oj.default_options = {:mode => :object}
     dump_and_load(0.0, false)
     dump_and_load(12345.6789, false)
     dump_and_load(70.35, false)
@@ -180,6 +182,7 @@ class Juice < Minitest::Test
     assert_equal('NaN', json)
     loaded = Oj.load(json);
     assert_equal(true, loaded.nan?)
+    Oj.default_options = {:mode => mode}
   end
   def test_string
@@ -241,7 +244,7 @@ class Juice < Minitest::Test
     assert(false, "*** expected an exception")
   end
-  # rails encoding tests
+  # encoding tests
   def test_does_not_escape_entities_by_default
     Oj.default_options = { :escape_mode => :ascii } # set in mimic mode
     # use Oj to create the hash since some Rubies don't deal nicely with unicode.
@@ -271,6 +274,20 @@ class Juice < Minitest::Test
     out = Oj.dump(hash, :escape_mode => :xss_safe)
     assert_equal(%{{"key":"\\u003cscript\\u003ealert(123) \\u0026\\u0026 formatHD()\\u003c\\/script\\u003e"}}, out)
   end
+  def test_escape_newline_by_default
+    Oj.default_options = { :escape_mode => :json }
+    json = %{["one","two\\n2"]}
+    x = Oj.load(json)
+    out = Oj.dump(x)
+    assert_equal(json, out)
+  end
+  def test_does_not_escape_newline
+    Oj.default_options = { :escape_mode => :newline }
+    json = %{["one","two\n2"]}
+    x = Oj.load(json)
+    out = Oj.dump(x)
+    assert_equal(json, out)
+  end
   # Symbol
   def test_symbol_strict
@@ -878,6 +895,24 @@ class Juice < Minitest::Test
     assert_equal('-Infinity', json)
   end
+  def test_infinity
+    n = Oj.load('Infinity', :mode => :object)
+    assert_equal(Float::INFINITY, n);
+    begin
+      Oj.load('Infinity', :mode => :strict)
+      fail()
+    rescue Oj::ParseError
+      assert(true)
+    end
+    begin
+      Oj.load('Infinity', :mode => :compat)
+      fail()
+    rescue Oj::ParseError
+      assert(true)
+    end
+  end
   # Date
   def test_date_strict
     begin

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: oj
 version: !ruby/object:Gem::Version
-  version: 2.9.7
+  version: 2.9.8
 platform: ruby
 authors:
 - Peter Ohler
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-06-24 00:00:00.000000000 Z
+date: 2014-06-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake-compiler