Overflow when parsing 64 bit unsigned JSON values

[sma...@cray.com]

We are using Jansson to process JSON data that contains 64 bit unsigned values.  Whenever the value is large enough to have the top bit set we get a too big integer error.  Since the value is actually not too big if the integer is considered as 64 bit unsigned we have modified the Jansson library to use unsigned conversions on integer input.  Obviously, we cast the json_int_t to an unsigned when we use it.

We are using the following patch to modify Jansson for our use, however we thought we would offer it for consideration for incorporation into the official Jansson library.

There may be other better solutions that have not occurred to us or are much larger changes.

Stuart Maybee

Cray, Inc.

diff --git a/src/load.c b/src/load.c

index 8700919..0ca511a 100644

--- a/src/load.c

+++ b/src/load.c

@@ -483,11 +483,14 @@ out:

 #if JSON_INTEGER_IS_LONG_LONG

 #ifdef _MSC_VER  /* Microsoft Visual Studio */

 #define json_strtoint     _strtoi64

+#define json_strtouint    _strtoui64

 #else

 #define json_strtoint     strtoll

+#define json_strtouint    strtoull

 #endif

 #else

 #define json_strtoint     strtol

+#define json_strtouint    strtoul

 #endif

 #endif

@@ -529,9 +532,13 @@ static int lex_scan_number(lex_t *lex, int c, json_error_t *error)

         saved_text = strbuffer_value(&lex->saved_text);

         errno = 0;

-        intval = json_strtoint(saved_text, &end, 10);

+       /*

+        * Use unsigned conversion so 64 bit unsigned input won't cause

+        * overflow.

+        */

+       intval = (json_int_t)json_strtouint(saved_text, &end, 10);

         if(errno == ERANGE) {

-            if(intval < 0)

+            if(*saved_text == '-')

                 error_set(error, lex, json_error_numeric_overflow, "too big negative integer");

             else

                 error_set(error, lex, json_error_numeric_overflow, "too big integer");