This is an automated email from the ASF dual-hosted git repository.
ntimofeev pushed a commit to branch STABLE-4.2
in repository https://gitbox.apache.org/repos/asf/cayenne.git
The following commit(s) were added to refs/heads/STABLE-4.2 by this push:
new b87a8caf3 CAY-2806 Incorrect processing of unicode escape syntax in
JSON
b87a8caf3 is described below
commit b87a8caf34f576dc7368a6c43171b58b766e2597
Author: Nikita Timofeev <[email protected]>
AuthorDate: Fri Jun 2 14:26:58 2023 +0300
CAY-2806 Incorrect processing of unicode escape syntax in JSON
---
RELEASE-NOTES.txt | 10 ++++++++++
.../main/java/org/apache/cayenne/value/json/JsonTokenizer.java | 5 +++--
.../java/org/apache/cayenne/value/json/JsonTokenizerTest.java | 5 +++++
3 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/RELEASE-NOTES.txt b/RELEASE-NOTES.txt
index 111689b1b..f29952482 100644
--- a/RELEASE-NOTES.txt
+++ b/RELEASE-NOTES.txt
@@ -7,6 +7,16 @@ https://cayenne.apache.org/
To browse individual bug reports check out project issue tracker:
https://issues.apache.org/jira/browse/CAY
+----------------------------------
+Release: 4.2.1
+Date:
+----------------------------------
+Changes/New Features:
+
+Bug Fixes:
+
+CAY-2806 Incorrect processing of unicode escape syntax in JSON
+
----------------------------------
Release: 4.2
Date: May 16, 2023
diff --git
a/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
b/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
index 9ab9ec46e..e1464404a 100644
---
a/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
+++
b/cayenne-server/src/main/java/org/apache/cayenne/value/json/JsonTokenizer.java
@@ -439,6 +439,7 @@ final class JsonTokenizer {
position++;
continue;
case 'u':
+ position++;
for(int i=0; i<4; i++) {
char next = data[position + i];
if ((next < '0' || next > '9')
@@ -446,14 +447,14 @@ final class JsonTokenizer {
&& (next < 'A' || next > 'F')
) {
throw new MalformedJsonException("Unknown
escape sequence "
- + String.valueOf(data, position -
1, position + 4) + " at position " + position);
+ + String.valueOf(data, position -
1, 4) + " at position " + position);
}
}
position += 4;
continue;
default:
throw new MalformedJsonException("Unknown escape
sequence "
- + String.valueOf(data, position - 1,
position) + " at position " + position);
+ + String.valueOf(data, position - 1, 1) +
" at position " + position);
}
case '"':
return new JsonToken(TokenType.STRING, startPosition,
position++);
diff --git
a/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
b/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
index 990d63620..15d2eb72e 100644
---
a/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
+++
b/cayenne-server/src/test/java/org/apache/cayenne/value/json/JsonTokenizerTest.java
@@ -204,6 +204,11 @@ public class JsonTokenizerTest {
token = tokenizer.nextToken();
assertEquals(JsonTokenizer.TokenType.STRING, token.type);
assertEquals("test\\\\test\\\\test", token.toString());
+
+ tokenizer = new JsonTokenizer("\"\\uaaaa \\uffff \\uAAAA \\uFFFF
\\u0000 \\u9999\"");
+ token = tokenizer.nextToken();
+ assertEquals(JsonTokenizer.TokenType.STRING, token.type);
+ assertEquals("\\uaaaa \\uffff \\uAAAA \\uFFFF \\u0000 \\u9999",
token.toString());
}
@Test(expected = MalformedJsonException.class)
