jenkins-bot has submitted this change and it was merged.
Change subject: Fix pretty JSON when strings end with backslashes
......................................................................
Fix pretty JSON when strings end with backslashes
If a string encoded as part of the output ends in a backslash
(e.g. an edit token), FormatJson::prettyPrint() may incorrectly
treat the unescaped double quote marking the end of the string as
a character that is part of the string.
This is a serious problem in that the "pretty" output may not
necessarily be valid JSON; a later string literal might contain
one or more of these tokens: :[{,]}
To fix the bug, I exploit strtr's behavior when it is given an
associative array having keys of the same length to skip over
escaped backslashes while replacing escaped double quotes with "\x01".
I also updated the corresponding unit test.
Change-Id: I159105b6493c14b82cd0a41a95e04bfed744931e
(cherry picked from commit 217cb2e3a6ea805eee4cc81b1cb43562620f88b3)
---
M includes/json/FormatJson.php
M tests/phpunit/includes/json/FormatJsonTest.php
2 files changed, 3 insertions(+), 3 deletions(-)
Approvals:
Krinkle: Looks good to me, approved
jenkins-bot: Verified
diff --git a/includes/json/FormatJson.php b/includes/json/FormatJson.php
index 013d589..bdf98d5 100644
--- a/includes/json/FormatJson.php
+++ b/includes/json/FormatJson.php
@@ -168,7 +168,7 @@
private static function prettyPrint( $json ) {
$buf = '';
$indent = 0;
- $json = str_replace( '\"', "\x01", $json );
+ $json = strtr( $json, array( '\\\\' => '\\\\', '\"' => "\x01" )
);
for ( $i = 0, $n = strlen( $json ); $i < $n; $i += $skip ) {
$skip = 1;
switch ( $json[$i] ) {
diff --git a/tests/phpunit/includes/json/FormatJsonTest.php
b/tests/phpunit/includes/json/FormatJsonTest.php
index 9e25e18..0782e4e 100644
--- a/tests/phpunit/includes/json/FormatJsonTest.php
+++ b/tests/phpunit/includes/json/FormatJsonTest.php
@@ -6,7 +6,7 @@
$obj = array(
'emptyObject' => new stdClass,
'emptyArray' => array(),
- 'string' => 'foobar',
+ 'string' => 'foobar\\',
'filledArray' => array(
array(
123,
@@ -24,7 +24,7 @@
"emptyArray": [
],
- "string": "foobar",
+ "string": "foobar\\\\",
"filledArray": [
[
123,
--
To view, visit https://gerrit.wikimedia.org/r/59328
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I159105b6493c14b82cd0a41a95e04bfed744931e
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/core
Gerrit-Branch: REL1_21
Gerrit-Owner: PleaseStand <pleasest...@live.com>
Gerrit-Reviewer: Krinkle <krinklem...@gmail.com>
Gerrit-Reviewer: jenkins-bot
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
