| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Fix incremental JSON parser numeric token reassembly across chun |
| Date: | 2026-04-10 13:32:37 |
| Message-ID: | E1wBByO-000Iyn-1r@gemulon.postgresql.org |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Fix incremental JSON parser numeric token reassembly across chunks.
When the incremental JSON parser splits a numeric token across chunk
boundaries, it accumulates continuation characters into the partial
token buffer. The accumulator's switch statement unconditionally
accepted '+', '-', '.', 'e', and 'E' as valid numeric continuations
regardless of position, which violated JSON number grammar
(-? int [frac] [exp]). For example, input "4-" fed in single-byte
chunks would accumulate the '-' into the numeric token, producing an
invalid token that later triggered an assertion failure during
re-lexing.
Fix by tracking parser state (seen_dot, seen_exp, prev character)
across the existing partial token and incoming bytes, so that each
character class is accepted only in its grammatically valid position.
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/2478bd5db0aad3599802636201af7adc170ba280
Modified Files
--------------
src/common/jsonapi.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++------
1 file changed, 55 insertions(+), 6 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2026-04-10 13:57:30 | pgsql: Revert "Add built-in fuzzing harnesses for security testing." |
| Previous Message | Aleksander Alekseev | 2026-04-10 10:35:39 | Re: pgsql: Allow autovacuum to use parallel vacuum workers. |