[JIRA] (JENKINS-61428) Control chars in Git commit messages cause invalid JSON

drug.knight@gmail.com (JIRA)

unread,

Mar 11, 2020, 8:28:03 AM3/11/20

to jenkinsc...@googlegroups.com

Evgeny Boloboshkin updated an issue

Jenkins /

JENKINS-61428

Control chars in Git commit messages cause invalid JSON

Change By:	Evgeny Boloboshkin
Attachment:	invalid.json

Add Comment

This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38)

drug.knight@gmail.com (JIRA)

unread,

Mar 11, 2020, 8:28:03 AM3/11/20

to jenkinsc...@googlegroups.com

Evgeny Boloboshkin created an issue

Jenkins /

JENKINS-61428

Control chars in Git commit messages cause invalid JSON

Issue Type:	Bug
Assignee:	Mark Waite
Attachments:	invalid.json
Components:	git-plugin
Created:	2020-03-11 12:27
Environment:	Jenkins version: 2.199 Git plugin version: 3.12.1 OS version: CentOS 7 (3.10.0-1062.1.2.el7.x86_64) Java version: 1.8.0_121 no Tomcat, no reverse proxy
Priority:	Major
Reporter:	Evgeny Boloboshkin

Jenkins generates invalid JSON on http://.../api/json url due to Git commit messages are included in changeset comment attribute as is (the control chars like \x00-\x1F are not filtered).

The excerpt of JSON structure is attached.

Add Comment

mark.earl.waite@gmail.com (JIRA)

unread,

Mar 11, 2020, 8:41:05 AM3/11/20

to jenkinsc...@googlegroups.com

Mark Waite commented on

JENKINS-61428

Re: Control chars in Git commit messages cause invalid JSON

Thanks for the report. I agree that is a bug. The JSON specification for strings states that:

All Unicode characters may be placed within the quotation marks, except for the characters that MUST be escaped: quotation mark, reverse solidus, and the control characters (U+0000 through U+001F).

The example you provided shows a "control-A" character that should be escaped but is not escaped. I believe that character should have been represented as \u0001 instead.