From d8da295e40aeb171b4bf1c612c1186f2d4b392fc Mon Sep 17 00:00:00 2001
From: Jason Turner <jason@emptycrate.com>
Date: Wed, 19 Jul 2017 10:47:17 -0600
Subject: [PATCH] Check string accesses during JSON parsing

---
 include/chaiscript/utility/json.hpp      | 38 ++++++++++++------------
 include/chaiscript/utility/json_wrap.hpp |  6 +++-
 2 files changed, 24 insertions(+), 20 deletions(-)

diff --git a/include/chaiscript/utility/json.hpp b/include/chaiscript/utility/json.hpp
index 676b4699..693f19da 100644
--- a/include/chaiscript/utility/json.hpp
+++ b/include/chaiscript/utility/json.hpp
@@ -463,7 +463,7 @@ struct JSONParser {
   }
 
   static void consume_ws( const std::string &str, size_t &offset ) {
-    while( isspace( str[offset] ) && offset <= str.size() ) { ++offset; }
+    while( isspace( str.at(offset) ) && offset <= str.size() ) { ++offset; }
   }
 
   static JSON parse_object( const std::string &str, size_t &offset ) {
@@ -471,29 +471,29 @@ struct JSONParser {
 
     ++offset;
     consume_ws( str, offset );
-    if( str[offset] == '}' ) {
+    if( str.at(offset) == '}' ) {
       ++offset; return Object;
     }
 
     for (;offset<str.size();) {
       JSON Key = parse_next( str, offset );
       consume_ws( str, offset );
-      if( str[offset] != ':' ) {
-        throw std::runtime_error(std::string("JSON ERROR: Object: Expected colon, found '") + str[offset] + "'\n");
+      if( str.at(offset) != ':' ) {
+        throw std::runtime_error(std::string("JSON ERROR: Object: Expected colon, found '") + str.at(offset) + "'\n");
       }
       consume_ws( str, ++offset );
       JSON Value = parse_next( str, offset );
       Object[Key.to_string()] = Value;
 
       consume_ws( str, offset );
-      if( str[offset] == ',' ) {
+      if( str.at(offset) == ',' ) {
         ++offset; continue;
       }
-      else if( str[offset] == '}' ) {
+      else if( str.at(offset) == '}' ) {
         ++offset; break;
       }
       else {
-        throw std::runtime_error(std::string("JSON ERROR: Object: Expected comma, found '") + str[offset] + "'\n");
+        throw std::runtime_error(std::string("JSON ERROR: Object: Expected comma, found '") + str.at(offset) + "'\n");
       }
     }
 
@@ -506,7 +506,7 @@ struct JSONParser {
 
     ++offset;
     consume_ws( str, offset );
-    if( str[offset] == ']' ) {
+    if( str.at(offset) == ']' ) {
       ++offset; return Array;
     }
 
@@ -514,14 +514,14 @@ struct JSONParser {
       Array[index++] = parse_next( str, offset );
       consume_ws( str, offset );
 
-      if( str[offset] == ',' ) {
+      if( str.at(offset) == ',' ) {
         ++offset; continue;
       }
-      else if( str[offset] == ']' ) {
+      else if( str.at(offset) == ']' ) {
         ++offset; break;
       }
       else {
-        throw std::runtime_error(std::string("JSON ERROR: Array: Expected ',' or ']', found '") + str[offset] + "'\n");
+        throw std::runtime_error(std::string("JSON ERROR: Array: Expected ',' or ']', found '") + str.at(offset) + "'\n");
       }
     }
 
@@ -530,9 +530,9 @@ struct JSONParser {
 
   static JSON parse_string( const std::string &str, size_t &offset ) {
     std::string val;
-    for( char c = str[++offset]; c != '\"' ; c = str[++offset] ) {
+    for( char c = str.at(++offset); c != '\"' ; c = str.at(++offset) ) {
       if( c == '\\' ) {
-        switch( str[ ++offset ] ) {
+        switch( str.at(++offset) ) {
           case '\"': val += '\"'; break;
           case '\\': val += '\\'; break;
           case '/' : val += '/' ; break;
@@ -544,7 +544,7 @@ struct JSONParser {
           case 'u' : {
                        val += "\\u" ;
                        for( size_t i = 1; i <= 4; ++i ) {
-                         c = str[offset+i];
+                         c = str.at(offset+i);
                          if( (c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') ) {
                            val += c;
                          } else {
@@ -569,12 +569,12 @@ struct JSONParser {
     bool isDouble = false;
     bool isNegative = false;
     long exp = 0;
-    if( offset < str.size() && str[offset] == '-' ) {
+    if( offset < str.size() && str.at(offset) == '-' ) {
       isNegative = true;
       ++offset;
     }
     for (; offset < str.size() ;) {
-      c = str[offset++];
+      c = str.at(offset++);
       if( c >= '0' && c <= '9' ) {
         val += c;
       } else if( c == '.' && !isDouble ) {
@@ -585,7 +585,7 @@ struct JSONParser {
       }
     }
     if( offset < str.size() && (c == 'E' || c == 'e' )) {
-      c = str[ offset++ ];
+      c = str.at(offset++);
       if( c == '-' ) { 
         exp_str += '-';
       } else if( c == '+' ) {
@@ -595,7 +595,7 @@ struct JSONParser {
       }
 
       for (; offset < str.size() ;) {
-        c = str[ offset++ ];
+        c = str.at(offset++);
         if( c >= '0' && c <= '9' ) {
           exp_str += c;
         } else if( !isspace( c ) && c != ',' && c != ']' && c != '}' ) {
@@ -646,7 +646,7 @@ struct JSONParser {
   static JSON parse_next( const std::string &str, size_t &offset ) {
     char value;
     consume_ws( str, offset );
-    value = str[offset];
+    value = str.at(offset);
     switch( value ) {
       case '[' : return parse_array( str, offset );
       case '{' : return parse_object( str, offset );
diff --git a/include/chaiscript/utility/json_wrap.hpp b/include/chaiscript/utility/json_wrap.hpp
index c0af1cd8..6a6ccd02 100644
--- a/include/chaiscript/utility/json_wrap.hpp
+++ b/include/chaiscript/utility/json_wrap.hpp
@@ -63,7 +63,11 @@ namespace chaiscript
 
       static Boxed_Value from_json(const std::string &t_json)
       {
-        return from_json( json::JSON::Load(t_json) );
+        try {
+          return from_json( json::JSON::Load(t_json) );
+        } catch (...) {
+          throw std::runtime_error("Unparsed JSON input");
+        }
       }
 
       static std::string to_json(const Boxed_Value &t_bv)