More

dawesc · cdunn2001 · commit 1f732671743e · 2016-03-14T19:16:37.000-05:00
diff --git a/src/jsontestrunner/main.cpp b/src/jsontestrunner/main.cpp
@@ -151,7 +151,7 @@ static int parseAndSaveValueTree(const JSONCPP_STRING& input,
                                  Json::Value* root)
 {
   Json::Reader reader(features);
-  bool parsingSuccessful = reader.parse(input, *root);
+  bool parsingSuccessful = reader.parse(input.data(), input.data() + input.size(), *root);
   if (!parsingSuccessful) {
     printf("Failed to parse %s file: \n%s\n",
            kind.c_str(),
diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
@@ -98,7 +98,8 @@ Reader::Reader(const Features& features)
 
 bool
 Reader::parse(const std::string& document, Value& root, bool collectComments) {
-  document_ = document;
+  JSONCPP_STRING documentCopy(document.data(), document.data() + document.capacity());
+  std::swap(documentCopy, document_);
   const char* begin = document_.c_str();
   const char* end = begin + document_.length();
   return parse(begin, end, root, collectComments);
@@ -114,7 +115,7 @@ bool Reader::parse(std::istream& sin, Value& root, bool collectComments) {
   // create an extra copy.
   JSONCPP_STRING doc;
   std::getline(sin, doc, (char)EOF);
-  return parse(doc, root, collectComments);
+  return parse(doc.data(), doc.data() + doc.size(), root, collectComments);
 }
 
 bool Reader::parse(const char* beginDoc,
diff --git a/src/lib_json/json_value.cpp b/src/lib_json/json_value.cpp
@@ -138,7 +138,25 @@ inline static void decodePrefixedString(
 }
 /** Free the string duplicated by duplicateStringValue()/duplicateAndPrefixStringValue().
  */
-static inline void releaseStringValue(char* value) { free(value); }
+static inline void releasePrefixedStringValue(char* value) {
+#if JSON_USE_SECURE_MEMORY
+  unsigned length = 0;
+  const char* valueDecoded;
+  decodePrefixedString(true, value, &length, &valueDecoded);
+  length += sizeof(unsigned) + 1;
+  memset(value, 0, length);
+#endif
+  free(value);
+}
+
+static inline void releaseStringValue(char* value, unsigned length) {
+#if JSON_USE_SECURE_MEMORY
+  if (length == 0)
+    length = static_cast<unsigned>(strlen(value)); //As we allocated the strings memory
+  memset(value, 0, length);
+#endif
+  free(value);
+}
 
 } // namespace Json
 
@@ -193,12 +211,12 @@ Value::CommentInfo::CommentInfo() : comment_(0)
 
 Value::CommentInfo::~CommentInfo() {
   if (comment_)
-    releaseStringValue(comment_);
+    releaseStringValue(comment_, 0u);
 }
 
 void Value::CommentInfo::setComment(const char* text, size_t len) {
   if (comment_) {
-    releaseStringValue(comment_);
+    releaseStringValue(comment_, 0u);
     comment_ = 0;
   }
   JSON_ASSERT(text != 0);
@@ -229,10 +247,10 @@ Value::CZString::CZString(char const* str, unsigned ulength, DuplicationPolicy a
   storage_.length_ = ulength & 0x3FFFFFFF;
 }
 
-Value::CZString::CZString(const CZString& other)
-    : cstr_(other.storage_.policy_ != noDuplication && other.cstr_ != 0
-                ? duplicateStringValue(other.cstr_, other.storage_.length_)
-                : other.cstr_) {
+Value::CZString::CZString(const CZString& other) {
+  cstr_ = (other.storage_.policy_ != noDuplication && other.cstr_ != 0
+				 ? duplicateStringValue(other.cstr_, other.storage_.length_)
+				 : other.cstr_);
   storage_.policy_ = static_cast<unsigned>(other.cstr_
                  ? (static_cast<DuplicationPolicy>(other.storage_.policy_) == noDuplication
                      ? noDuplication : duplicate)
@@ -248,8 +266,14 @@ Value::CZString::CZString(CZString&& other)
 #endif
 
 Value::CZString::~CZString() {
-  if (cstr_ && storage_.policy_ == duplicate)
-    releaseStringValue(const_cast<char*>(cstr_));
+  if (cstr_ && storage_.policy_ == duplicate) {
+#if JSON_USE_SECURE_MEMORY
+	  releaseStringValue(const_cast<char*>(cstr_), storage_.length_ + 1u); //+1 for null terminating character for sake of completeness but not actually necessary
+#else
+	  releaseStringValue(const_cast<char*>(cstr_), storage_.length_ + 1u);
+#endif
+
+  }
 }
 
 void Value::CZString::swap(CZString& other) {
@@ -455,7 +479,7 @@ Value::~Value() {
     break;
   case stringValue:
     if (allocated_)
-      releaseStringValue(value_.string_);
+      releasePrefixedStringValue(value_.string_);
     break;
   case arrayValue:
   case objectValue:
@@ -467,6 +491,8 @@ Value::~Value() {
 
   if (comments_)
     delete[] comments_;
+
+  value_.uint_ = 0;
 }
 
 Value& Value::operator=(Value other) {
@@ -611,6 +637,18 @@ const char* Value::asCString() const {
   return this_str;
 }
 
+#if JSON_USE_SECURE_MEMORY
+unsigned Value::getCStringLength() const {
+  JSON_ASSERT_MESSAGE(type_ == stringValue,
+	                  "in Json::Value::asCString(): requires stringValue");
+  if (value_.string_ == 0) return 0;
+  unsigned this_len;
+  char const* this_str;
+  decodePrefixedString(this->allocated_, this->value_.string_, &this_len, &this_str);
+  return this_len;
+}
+#endif
+
 bool Value::getString(char const** str, char const** cend) const {
   if (type_ != stringValue) return false;
   if (value_.string_ == 0) return false;

Original file line number	Diff line number	Diff line change
`@@ -151,7 +151,7 @@ static int parseAndSaveValueTree(const JSONCPP_STRING& input,`
`151`	`151`	`Json::Value* root)`
`152`	`152`	`{`
`153`	`153`	`Json::Reader reader(features);`
`154`		`- bool parsingSuccessful = reader.parse(input, *root);`
	`154`	`+ bool parsingSuccessful = reader.parse(input.data(), input.data() + input.size(), *root);`
`155`	`155`	`if (!parsingSuccessful) {`
`156`	`156`	`printf("Failed to parse %s file: \n%s\n",`
`157`	`157`	`kind.c_str(),`