[cayenne] branch master updated: CAY-2806 Incorrect processing of unicode escape syntax in JSON

Fri, 02 Jun 2023 04:28:25 -0700 

This is an automated email from the ASF dual-hosted git repository.

ntimofeev pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cayenne.git


The following commit(s) were added to refs/heads/master by this push:
     new 94fc43d58 CAY-2806 Incorrect processing of unicode escape syntax in 
JSON
94fc43d58 is described below

commit 94fc43d58aeb59ba740dabda388c38cc801334d1
Author: Nikita Timofeev <[email protected]>
AuthorDate: Fri Jun 2 14:26:58 2023 +0300

    CAY-2806 Incorrect processing of unicode escape syntax in JSON
---
 RELEASE-NOTES.txt                                                    | 3 ++-
 .../src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java   | 5 +++--
 .../test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java   | 5 +++++
 .../src/test/java/org/apache/cayenne/value/json/JsonTypeIT.java      | 2 +-
 4 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
index b3c3921ef..9f6fe7c5e 100644
--- a/RELEASE-NOTES.txt
+++ b/RELEASE-NOTES.txt
@@ -56,4 +56,5 @@ CAY-2782 Modeler: save button becomes active on DataMap 
comment field focus
 CAY-2783 DbEntity to ObjEntity synchronization should check mandatory flag for 
primitive java types
 CAY-2792 Fix Insertion Order For Reflexive DataObjects
 CAY-2800 Modeler saves map.xml files with schema ordering error
-CAY-2801 Incorrect equals() implementation in IdGenerationMarker could cause 
data missing in the commit
\ No newline at end of file
+CAY-2801 Incorrect equals() implementation in IdGenerationMarker could cause 
data missing in the commit
+CAY-2806 Incorrect processing of unicode escape syntax in JSON
\ No newline at end of file
diff --git 
a/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java 
b/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
index 9ab9ec46e..e1464404a 100644
--- 
a/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
+++ 
b/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
@@ -439,6 +439,7 @@ final class JsonTokenizer {
                             position++;
                             continue;
                         case 'u':
+                            position++;
                             for(int i=0; i<4; i++) {
                                 char next = data[position + i];
                                 if ((next < '0' || next > '9')
@@ -446,14 +447,14 @@ final class JsonTokenizer {
                                         && (next < 'A' || next > 'F')
                                 ) {
                                     throw new MalformedJsonException("Unknown 
escape sequence "
-                                            + String.valueOf(data, position - 
1, position + 4) + " at position " + position);
+                                            + String.valueOf(data, position - 
1, 4) + " at position " + position);
                                 }
                             }
                             position += 4;
                             continue;
                         default:
                             throw new MalformedJsonException("Unknown escape 
sequence "
-                                    + String.valueOf(data, position - 1, 
position) + " at position " + position);
+                                    + String.valueOf(data, position - 1, 1) + 
" at position " + position);
                     }
                 case '"':
                     return new JsonToken(TokenType.STRING, startPosition, 
position++);
diff --git 
a/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
 
b/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
index 990d63620..15d2eb72e 100644
--- 
a/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
+++ 
b/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
@@ -204,6 +204,11 @@ public class JsonTokenizerTest {
         token = tokenizer.nextToken();
         assertEquals(JsonTokenizer.TokenType.STRING, token.type);
         assertEquals("test\\\\test\\\\test", token.toString());
+
+        tokenizer = new JsonTokenizer("\"\\uaaaa \\uffff \\uAAAA \\uFFFF 
\\u0000 \\u9999\"");
+        token = tokenizer.nextToken();
+        assertEquals(JsonTokenizer.TokenType.STRING, token.type);
+        assertEquals("\\uaaaa \\uffff \\uAAAA \\uFFFF \\u0000 \\u9999", 
token.toString());
     }
 
     @Test(expected = MalformedJsonException.class)
diff --git 
a/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTypeIT.java 
b/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTypeIT.java
index a733df409..a6393342a 100644
--- a/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTypeIT.java
+++ b/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTypeIT.java
@@ -82,7 +82,7 @@ public class JsonTypeIT extends ServerCase {
                          "    \"friends\": [\n" +
                          "      {\n" +
                          "        \"id\": 0,\n" +
-                         "        \"name\": \"Guzman Kemp\"\n" +
+                         "        \"name\": \"Guzman K\\u0450mp\"\n" +
                          "      },\n" +
                          "      {\n" +
                          "        \"id\": 1,\n" +

Reply via email to