From 5ac6a12e0a76613d29edc65beb6b99af45172493 Mon Sep 17 00:00:00 2001
From: m-holger
Date: Sun, 29 Jan 2023 11:39:15 +0000
Subject: In JSONParser::getToken reject illegal control characters
---
 libqpdf/JSON.cc | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)
(limited to 'libqpdf')
diff --git a/libqpdf/JSON.cc b/libqpdf/JSON.cc
index b972d8aa..da0de9eb 100644
--- a/libqpdf/JSON.cc
+++ b/libqpdf/JSON.cc
@@ -780,10 +780,22 @@ JSONParser::getToken()
 }
 }
- if (*p == 0) {
- QTC::TC("libtests", "JSON parse null character");
- throw std::runtime_error(
- "JSON: null character at offset " + std::to_string(offset));
+ if ((*p < 32 && *p >= 0)) {
+ if (*p == '\t' || *p == '\n' || *p == '\r') {
+ // Legal white space not permitted in strings. This will always
+ // end the current token (unless we are still before the start
+ // of the token).
+ if (lex_state == ls_top) {
+ // Continue with token
+ } else {
+ // done
+ }
+ } else {
+ QTC::TC("libtests", "JSON parse null character");
+ throw std::runtime_error(
+ "JSON: control or null character at offset " +
+ std::to_string(offset));
+ }
 }
 action = append;
 switch (lex_state) {
--
cgit v1.2.3-70-g09d2
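Review bot: The exemption for `\t`, `\n` and `\r` applies in every lexer state, and both branches of the inner `if (lex_state == ls_top)` are empty, so nothing in this hunk rejects a raw tab or line break inside a string even though the comment says that is not permitted there. Unless the `switch (lex_state)` after the hunk handles it (not visible here), the parser would still accept unescaped control characters in strings that stricter JSON consumers reject, which matters wherever input is validated by one parser and consumed by another. I would either throw for these three characters when the lexer is in its string state, e.g. `throw std::runtime_error("JSON: control character in string at offset " + std::to_string(offset));`, or delete the empty branches and have the comment say where the string check is made. The coverage label `"JSON parse null character"` now also fires for other control characters and could be renamed to match, and the bare `32` would read better as `' '`. getToken() begins and ends outside the hunk.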