Accueil Explorer Aide
S'inscrire Connexion
publics
/
golang__protobuf
0
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

jsonpb: fix handling of illegal and negative nanoseconds (#492)

The documentation for Timestamp.nanos says:
<<<
Non-negative fractions of a second at nanosecond resolution. Negative
second values with fractions must still have non-negative nanos values
that count forward in time. Must be from 0 to 999,999,999
inclusive.
>>>

The documentation for Duration.nanos says:
<<<
Signed fractions of a second at nanosecond resolution of the span
of time. Durations less than one second are represented with a 0
`seconds` field and a positive or negative `nanos` field. For durations
of one second or more, a non-zero value for the `nanos` field must be
of the same sign as the `seconds` field. Must be from -999,999,999
to +999,999,999 inclusive.
>>>

Thus, we forbid values beyond the documented range of valid values.
dfawley il y a 8 ans
Parent
5f34c20e59
commit
ac606b1764
2 fichiers modifiés avec 44 ajouts et 3 suppressions
Vue séparée Afficher les stats Diff
  1. 15 2
      jsonpb/jsonpb.go
  2. 29 1
      jsonpb/jsonpb_test.go

+ 15 - 2
jsonpb/jsonpb.go
Voir le fichier 

@@ -56,6 +56,8 @@ import (
 
 	stpb "github.com/golang/protobuf/ptypes/struct"
 
 )
 
 
+const secondInNanos = int64(time.Second / time.Nanosecond)
 
+
 
 // Marshaler is a configurable object for converting between
 
 // protocol buffer objects and a JSON representation for them.
 
 type Marshaler struct {
 
@@ -201,8 +203,16 @@ func (m *Marshaler) marshalObject(out *errWriter, v proto.Message, indent, typeU
 
 			// "Generated output always contains 3, 6, or 9 fractional digits,
 
 			//  depending on required precision."
 
 			s, ns := s.Field(0).Int(), s.Field(1).Int()
 
-			d := time.Duration(s)*time.Second + time.Duration(ns)*time.Nanosecond
 
-			x := fmt.Sprintf("%.9f", d.Seconds())
 
+			if ns <= -secondInNanos || ns >= secondInNanos {
 
+				return fmt.Errorf("ns out of range (%v, %v)", -secondInNanos, secondInNanos)
 
+			}
 
+			if (s > 0 && ns < 0) || (s < 0 && ns > 0) {
 
+				return errors.New("signs of seconds and nanos do not match")
 
+			}
 
+			if s < 0 {
 
+				ns = -ns
 
+			}
 
+			x := fmt.Sprintf("%d.%09d", s, ns)
 
 			x = strings.TrimSuffix(x, "000")
 
 			x = strings.TrimSuffix(x, "000")
 
 			out.write(`"`)
 
@@ -217,6 +227,9 @@ func (m *Marshaler) marshalObject(out *errWriter, v proto.Message, indent, typeU
 
 			// "RFC 3339, where generated output will always be Z-normalized
 
 			//  and uses 3, 6 or 9 fractional digits."
 
 			s, ns := s.Field(0).Int(), s.Field(1).Int()
 
+			if ns < 0 || ns >= secondInNanos {
 
+				return fmt.Errorf("ns out of range [0, %v)", secondInNanos)
 
+			}
 
 			t := time.Unix(s, ns).UTC()
 
 			// time.RFC3339Nano isn't exactly right (we need to get 3/6/9 fractional digits).
 
 			x := t.Format("2006-01-02T15:04:05.000000000")

+ 29 - 1
jsonpb/jsonpb_test.go
Voir le fichier 

@@ -407,6 +407,8 @@ var marshalingTests = []struct {
 
 	{"Any with WKT", marshaler, anyWellKnown, anyWellKnownJSON},
 
 	{"Any with WKT and indent", marshalerAllOptions, anyWellKnown, anyWellKnownPrettyJSON},
 
 	{"Duration", marshaler, &pb.KnownTypes{Dur: &durpb.Duration{Seconds: 3}}, `{"dur":"3.000s"}`},
 
+	{"Duration beyond float64 precision", marshaler, &pb.KnownTypes{Dur: &durpb.Duration{Seconds: 100000000, Nanos: 1}}, `{"dur":"100000000.000000001s"}`},
 
+	{"negative Duration", marshaler, &pb.KnownTypes{Dur: &durpb.Duration{Seconds: -123, Nanos: -456}}, `{"dur":"-123.000000456s"}`},
 
 	{"Struct", marshaler, &pb.KnownTypes{St: &stpb.Struct{
 
 		Fields: map[string]*stpb.Value{
 
 			"one": {Kind: &stpb.Value_StringValue{"loneliest number"}},
 
@@ -473,6 +475,32 @@ func TestMarshalingNil(t *testing.T) {
 
 	}
 
 }
 
 
+func TestMarshalIllegalTime(t *testing.T) {
 
+	tests := []struct {
 
+		pb   proto.Message
 
+		fail bool
 
+	}{
 
+		{&pb.KnownTypes{Dur: &durpb.Duration{Seconds: 1, Nanos: 0}}, false},
 
+		{&pb.KnownTypes{Dur: &durpb.Duration{Seconds: -1, Nanos: 0}}, false},
 
+		{&pb.KnownTypes{Dur: &durpb.Duration{Seconds: 1, Nanos: -1}}, true},
 
+		{&pb.KnownTypes{Dur: &durpb.Duration{Seconds: -1, Nanos: 1}}, true},
 
+		{&pb.KnownTypes{Dur: &durpb.Duration{Seconds: 1, Nanos: 1000000000}}, true},
 
+		{&pb.KnownTypes{Dur: &durpb.Duration{Seconds: -1, Nanos: -1000000000}}, true},
 
+		{&pb.KnownTypes{Ts: &tspb.Timestamp{Seconds: 1, Nanos: 1}}, false},
 
+		{&pb.KnownTypes{Ts: &tspb.Timestamp{Seconds: 1, Nanos: -1}}, true},
 
+		{&pb.KnownTypes{Ts: &tspb.Timestamp{Seconds: 1, Nanos: 1000000000}}, true},
 
+	}
 
+	for _, tt := range tests {
 
+		_, err := marshaler.MarshalToString(tt.pb)
 
+		if err == nil && tt.fail {
 
+			t.Errorf("marshaler.MarshalToString(%v) = _, <nil>; want _, <non-nil>", tt.pb)
 
+		}
 
+		if err != nil && !tt.fail {
 
+			t.Errorf("marshaler.MarshalToString(%v) = _, %v; want _, <nil>", tt.pb, err)
 
+		}
 
+	}
 
+}
 
+
 
 func TestMarshalJSONPBMarshaler(t *testing.T) {
 
 	rawJson := `{ "foo": "bar", "baz": [0, 1, 2, 3] }`
 
 	msg := dynamicMessage{rawJson: rawJson}
 
@@ -920,7 +948,7 @@ func TestUnmarshalAnyJSONPBUnmarshaler(t *testing.T) {
 
 	}
 
 
 	if !proto.Equal(&got, &want) {
 
-		t.Errorf("message contents not set correctly after unmarshalling JSON: got %s, wanted %s", got, want)
 
+		t.Errorf("message contents not set correctly after unmarshalling JSON: got %v, wanted %v", got, want)
 
 	}
 
 }