protobuf-go/internal/encoding/json
Damien Neil f01a588e58 encoding/protojson, internal/encoding/json: handle missing object values
In internal/encoding/json, report an error when encountering a }
when we are expecting an object field value. For example, the input
`{"":}` now correctly results in an error at the closing } token.

In encoding/protojson, check for an unexpected EOF token in
skipJSONValue. This is redundant with the check in internal/encoding/json,
but adds a bit more defense against any other similar bugs that
might exist.

Fixes CVE-2024-24786

Change-Id: I03d52512acb5091c8549e31ca74541d57e56c99d
Reviewed-on: https://go-review.googlesource.com/c/protobuf/+/569356
TryBot-Bypass: Damien Neil <dneil@google.com>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Commit-Queue: Damien Neil <dneil@google.com>
2024-03-05 19:00:02 +00:00
bench_test.go
decode_number.go
decode_string.go
decode_test.go encoding/protojson, internal/encoding/json: handle missing object values 2024-03-05 19:00:02 +00:00
decode_token.go
decode.go encoding/protojson, internal/encoding/json: handle missing object values 2024-03-05 19:00:02 +00:00
encode_test.go encoding: add MarshalAppend to protojson and prototext 2023-05-01 15:10:15 +00:00
encode.go encoding: add MarshalAppend to protojson and prototext 2023-05-01 15:10:15 +00:00