BigfootDev/flatbuffers
1
0
Fork 1
mirror of https://github.com/google/flatbuffers.git synced 2026-06-02 20:15:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Disable parsing of nested_flatbuffers as bytes by default

Browse Source 
Parsing as bytes produces buffers that are unsafe to access unless passed thru a verifier,
whereas users could reasonably assume that any JSON parsed without errors is safe to access.
Users that still have legacy JSON files with such bytes in it will get a helpful error point them
to the option to turn on to have it work again.
This commit is contained in:
Wouter van Oortmerssen
2021-12-15 10:41:29 -08:00
parent 2dc8ae7742
commit b8aaccee82
4 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/idl_parser.cpp
View File

@@ -1671,7 +1671,12 @@ CheckedError Parser::ParseNestedFlatbuffer(Value &val, FieldDef *field,
size_t fieldn,
const StructDef *parent_struct_def) {
if (token_ == '[') { // backwards compat for 'legacy' ubyte buffers
ECHECK(ParseAnyValue(val, field, fieldn, parent_struct_def, 0));
if (opts.json_nested_legacy_flatbuffers) {
ECHECK(ParseAnyValue(val, field, fieldn, parent_struct_def, 0));
} else {
return Error("cannot parse nested_flatbuffer as bytes unless"
" --json-nested-bytes is set");
}
} else {
auto cursor_at_value_begin = cursor_;
ECHECK(SkipAnyJsonValue());