Validate that parsed string is a JSON Object.

Without this, parsing may crash if the input is a valid JSON value, but not a JSON Object. PiperOrigin-RevId: 621489078
tink-crypto · Apr 3, 2024 · c7e4795 · c7e4795
1 parent 6e5d0ea
commit c7e4795
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 3 deletions.
diff --git a/cc/core/json_keyset_reader.cc b/cc/core/json_keyset_reader.cc
@@ -20,7 +20,6 @@
 #include <istream>
 #include <iterator>
 #include <memory>
-#include <sstream>
 #include <string>
 #include <utility>
 
@@ -34,8 +33,6 @@
 #include "include/rapidjson/rapidjson.h"
 #include "tink/keyset_reader.h"
 #include "tink/util/enums.h"
-#include "tink/util/errors.h"
-#include "tink/util/protobuf_helper.h"
 #include "tink/util/status.h"
 #include "tink/util/statusor.h"
 #include "proto/tink.pb.h"
@@ -252,6 +249,10 @@ util::StatusOr<std::unique_ptr<Keyset>> JsonKeysetReader::Read() {
             "Invalid JSON Keyset: Error (offset ", json_doc.GetErrorOffset(),
             "): ", rapidjson::GetParseError_En(json_doc.GetParseError())));
   }
+  if (!json_doc.IsObject()) {
+    return util::Status(absl::StatusCode::kInvalidArgument,
+                        "Invalid JSON Keyset: Expected object.");
+  }
   return KeysetFromJson(json_doc);
 }
 

diff --git a/cc/core/json_keyset_reader_test.cc b/cc/core/json_keyset_reader_test.cc
@@ -195,6 +195,15 @@ TEST_F(JsonKeysetReaderTest, testReadFromString) {
     EXPECT_FALSE(read_result.ok());
     EXPECT_EQ(absl::StatusCode::kInvalidArgument, read_result.status().code());
   }
+
+  {  // A valid JSON value, but not a JSON object.
+    auto reader_result = JsonKeysetReader::New("124");
+    EXPECT_TRUE(reader_result.ok()) << reader_result.status();
+    auto reader = std::move(reader_result.value());
+    auto read_result = reader->Read();
+    EXPECT_FALSE(read_result.ok());
+    EXPECT_EQ(absl::StatusCode::kInvalidArgument, read_result.status().code());
+  }
 }
 
 TEST_F(JsonKeysetReaderTest, testReadFromStream) {