From b1b789df4203296a848fec6a3513f30efceb1a45 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt <ejb@ql.org>
Date: Tue, 6 Feb 2024 15:30:29 -0500
Subject: Detect end of input inside an unfinished JSON string

---
 libqpdf/JSON.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'libqpdf')

diff --git a/libqpdf/JSON.cc b/libqpdf/JSON.cc
index 28f451a9..27405df7 100644
--- a/libqpdf/JSON.cc
+++ b/libqpdf/JSON.cc
@@ -628,6 +628,7 @@ namespace
             ls_number_e_sign,
             ls_alpha,
             ls_string,
+            ls_after_string,
             ls_backslash,
             ls_u4,
             ls_begin_array,
@@ -1039,7 +1040,7 @@ JSONParser::getToken()
                             "JSON: offset " + std::to_string(high_offset) +
                             ": UTF-16 high surrogate not followed by low surrogate");
                     }
-                    ignore();
+                    ignore(ls_after_string);
                     return;
                 } else if (*p == '\\') {
                     ignore(ls_backslash);
@@ -1234,7 +1235,7 @@ JSONParser::handleToken()
         }
         break;
 
-    case ls_string:
+    case ls_after_string:
         if (parser_state == ps_dict_begin || parser_state == ps_dict_after_comma) {
             dict_key = token;
             dict_key_offset = token_start;
-- 
cgit v1.2.3-54-g00ecf