• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * JSON lexer
3  *
4  * Copyright IBM, Corp. 2009
5  *
6  * Authors:
7  *  Anthony Liguori   <aliguori@us.ibm.com>
8  *
9  * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
10  * See the COPYING.LIB file in the top-level directory.
11  *
12  */
13 
14 #include "qapi/qmp/qstring.h"
15 #include "qapi/qmp/qlist.h"
16 #include "qapi/qmp/qdict.h"
17 #include "qapi/qmp/qint.h"
18 #include "qemu-common.h"
19 #include "qapi/qmp/json-lexer.h"
20 
21 #define MAX_TOKEN_SIZE (64ULL << 20)
22 
23 /*
24  * \"([^\\\"]|(\\\"\\'\\\\\\/\\b\\f\\n\\r\\t\\u[0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F]))*\"
25  * '([^\\']|(\\\"\\'\\\\\\/\\b\\f\\n\\r\\t\\u[0-9a-fA-F][0-9a-fA-F][0-9a-fA-F][0-9a-fA-F]))*'
26  * 0|([1-9][0-9]*(.[0-9]+)?([eE]([-+])?[0-9]+))
27  * [{}\[\],:]
28  * [a-z]+
29  *
30  */
31 
32 enum json_lexer_state {
33     IN_ERROR = 0,
34     IN_DQ_UCODE3,
35     IN_DQ_UCODE2,
36     IN_DQ_UCODE1,
37     IN_DQ_UCODE0,
38     IN_DQ_STRING_ESCAPE,
39     IN_DQ_STRING,
40     IN_SQ_UCODE3,
41     IN_SQ_UCODE2,
42     IN_SQ_UCODE1,
43     IN_SQ_UCODE0,
44     IN_SQ_STRING_ESCAPE,
45     IN_SQ_STRING,
46     IN_ZERO,
47     IN_DIGITS,
48     IN_DIGIT,
49     IN_EXP_E,
50     IN_MANTISSA,
51     IN_MANTISSA_DIGITS,
52     IN_NONZERO_NUMBER,
53     IN_NEG_NONZERO_NUMBER,
54     IN_KEYWORD,
55     IN_ESCAPE,
56     IN_ESCAPE_L,
57     IN_ESCAPE_LL,
58     IN_ESCAPE_I,
59     IN_ESCAPE_I6,
60     IN_ESCAPE_I64,
61     IN_WHITESPACE,
62     IN_START,
63 };
64 
65 #define TERMINAL(state) [0 ... 0x7F] = (state)
66 
67 /* Return whether TERMINAL is a terminal state and the transition to it
68    from OLD_STATE required lookahead.  This happens whenever the table
69    below uses the TERMINAL macro.  */
70 #define TERMINAL_NEEDED_LOOKAHEAD(old_state, terminal) \
71             (json_lexer[(old_state)][0] == (terminal))
72 
73 static const uint8_t json_lexer[][256] =  {
74     /* double quote string */
75     [IN_DQ_UCODE3] = {
76         ['0' ... '9'] = IN_DQ_STRING,
77         ['a' ... 'f'] = IN_DQ_STRING,
78         ['A' ... 'F'] = IN_DQ_STRING,
79     },
80     [IN_DQ_UCODE2] = {
81         ['0' ... '9'] = IN_DQ_UCODE3,
82         ['a' ... 'f'] = IN_DQ_UCODE3,
83         ['A' ... 'F'] = IN_DQ_UCODE3,
84     },
85     [IN_DQ_UCODE1] = {
86         ['0' ... '9'] = IN_DQ_UCODE2,
87         ['a' ... 'f'] = IN_DQ_UCODE2,
88         ['A' ... 'F'] = IN_DQ_UCODE2,
89     },
90     [IN_DQ_UCODE0] = {
91         ['0' ... '9'] = IN_DQ_UCODE1,
92         ['a' ... 'f'] = IN_DQ_UCODE1,
93         ['A' ... 'F'] = IN_DQ_UCODE1,
94     },
95     [IN_DQ_STRING_ESCAPE] = {
96         ['b'] = IN_DQ_STRING,
97         ['f'] =  IN_DQ_STRING,
98         ['n'] =  IN_DQ_STRING,
99         ['r'] =  IN_DQ_STRING,
100         ['t'] =  IN_DQ_STRING,
101         ['/'] = IN_DQ_STRING,
102         ['\\'] = IN_DQ_STRING,
103         ['\''] = IN_DQ_STRING,
104         ['\"'] = IN_DQ_STRING,
105         ['u'] = IN_DQ_UCODE0,
106     },
107     [IN_DQ_STRING] = {
108         [1 ... 0xBF] = IN_DQ_STRING,
109         [0xC2 ... 0xF4] = IN_DQ_STRING,
110         ['\\'] = IN_DQ_STRING_ESCAPE,
111         ['"'] = JSON_STRING,
112     },
113 
114     /* single quote string */
115     [IN_SQ_UCODE3] = {
116         ['0' ... '9'] = IN_SQ_STRING,
117         ['a' ... 'f'] = IN_SQ_STRING,
118         ['A' ... 'F'] = IN_SQ_STRING,
119     },
120     [IN_SQ_UCODE2] = {
121         ['0' ... '9'] = IN_SQ_UCODE3,
122         ['a' ... 'f'] = IN_SQ_UCODE3,
123         ['A' ... 'F'] = IN_SQ_UCODE3,
124     },
125     [IN_SQ_UCODE1] = {
126         ['0' ... '9'] = IN_SQ_UCODE2,
127         ['a' ... 'f'] = IN_SQ_UCODE2,
128         ['A' ... 'F'] = IN_SQ_UCODE2,
129     },
130     [IN_SQ_UCODE0] = {
131         ['0' ... '9'] = IN_SQ_UCODE1,
132         ['a' ... 'f'] = IN_SQ_UCODE1,
133         ['A' ... 'F'] = IN_SQ_UCODE1,
134     },
135     [IN_SQ_STRING_ESCAPE] = {
136         ['b'] = IN_SQ_STRING,
137         ['f'] =  IN_SQ_STRING,
138         ['n'] =  IN_SQ_STRING,
139         ['r'] =  IN_SQ_STRING,
140         ['t'] =  IN_SQ_STRING,
141         ['/'] = IN_DQ_STRING,
142         ['\\'] = IN_DQ_STRING,
143         ['\''] = IN_SQ_STRING,
144         ['\"'] = IN_SQ_STRING,
145         ['u'] = IN_SQ_UCODE0,
146     },
147     [IN_SQ_STRING] = {
148         [1 ... 0xBF] = IN_SQ_STRING,
149         [0xC2 ... 0xF4] = IN_SQ_STRING,
150         ['\\'] = IN_SQ_STRING_ESCAPE,
151         ['\''] = JSON_STRING,
152     },
153 
154     /* Zero */
155     [IN_ZERO] = {
156         TERMINAL(JSON_INTEGER),
157         ['0' ... '9'] = IN_ERROR,
158         ['.'] = IN_MANTISSA,
159     },
160 
161     /* Float */
162     [IN_DIGITS] = {
163         TERMINAL(JSON_FLOAT),
164         ['0' ... '9'] = IN_DIGITS,
165     },
166 
167     [IN_DIGIT] = {
168         ['0' ... '9'] = IN_DIGITS,
169     },
170 
171     [IN_EXP_E] = {
172         ['-'] = IN_DIGIT,
173         ['+'] = IN_DIGIT,
174         ['0' ... '9'] = IN_DIGITS,
175     },
176 
177     [IN_MANTISSA_DIGITS] = {
178         TERMINAL(JSON_FLOAT),
179         ['0' ... '9'] = IN_MANTISSA_DIGITS,
180         ['e'] = IN_EXP_E,
181         ['E'] = IN_EXP_E,
182     },
183 
184     [IN_MANTISSA] = {
185         ['0' ... '9'] = IN_MANTISSA_DIGITS,
186     },
187 
188     /* Number */
189     [IN_NONZERO_NUMBER] = {
190         TERMINAL(JSON_INTEGER),
191         ['0' ... '9'] = IN_NONZERO_NUMBER,
192         ['e'] = IN_EXP_E,
193         ['E'] = IN_EXP_E,
194         ['.'] = IN_MANTISSA,
195     },
196 
197     [IN_NEG_NONZERO_NUMBER] = {
198         ['0'] = IN_ZERO,
199         ['1' ... '9'] = IN_NONZERO_NUMBER,
200     },
201 
202     /* keywords */
203     [IN_KEYWORD] = {
204         TERMINAL(JSON_KEYWORD),
205         ['a' ... 'z'] = IN_KEYWORD,
206     },
207 
208     /* whitespace */
209     [IN_WHITESPACE] = {
210         TERMINAL(JSON_SKIP),
211         [' '] = IN_WHITESPACE,
212         ['\t'] = IN_WHITESPACE,
213         ['\r'] = IN_WHITESPACE,
214         ['\n'] = IN_WHITESPACE,
215     },
216 
217     /* escape */
218     [IN_ESCAPE_LL] = {
219         ['d'] = JSON_ESCAPE,
220     },
221 
222     [IN_ESCAPE_L] = {
223         ['d'] = JSON_ESCAPE,
224         ['l'] = IN_ESCAPE_LL,
225     },
226 
227     [IN_ESCAPE_I64] = {
228         ['d'] = JSON_ESCAPE,
229     },
230 
231     [IN_ESCAPE_I6] = {
232         ['4'] = IN_ESCAPE_I64,
233     },
234 
235     [IN_ESCAPE_I] = {
236         ['6'] = IN_ESCAPE_I6,
237     },
238 
239     [IN_ESCAPE] = {
240         ['d'] = JSON_ESCAPE,
241         ['i'] = JSON_ESCAPE,
242         ['p'] = JSON_ESCAPE,
243         ['s'] = JSON_ESCAPE,
244         ['f'] = JSON_ESCAPE,
245         ['l'] = IN_ESCAPE_L,
246         ['I'] = IN_ESCAPE_I,
247     },
248 
249     /* top level rule */
250     [IN_START] = {
251         ['"'] = IN_DQ_STRING,
252         ['\''] = IN_SQ_STRING,
253         ['0'] = IN_ZERO,
254         ['1' ... '9'] = IN_NONZERO_NUMBER,
255         ['-'] = IN_NEG_NONZERO_NUMBER,
256         ['{'] = JSON_OPERATOR,
257         ['}'] = JSON_OPERATOR,
258         ['['] = JSON_OPERATOR,
259         [']'] = JSON_OPERATOR,
260         [','] = JSON_OPERATOR,
261         [':'] = JSON_OPERATOR,
262         ['a' ... 'z'] = IN_KEYWORD,
263         ['%'] = IN_ESCAPE,
264         [' '] = IN_WHITESPACE,
265         ['\t'] = IN_WHITESPACE,
266         ['\r'] = IN_WHITESPACE,
267         ['\n'] = IN_WHITESPACE,
268     },
269 };
270 
json_lexer_init(JSONLexer * lexer,JSONLexerEmitter func)271 void json_lexer_init(JSONLexer *lexer, JSONLexerEmitter func)
272 {
273     lexer->emit = func;
274     lexer->state = IN_START;
275     lexer->token = qstring_new();
276     lexer->x = lexer->y = 0;
277 }
278 
json_lexer_feed_char(JSONLexer * lexer,char ch,bool flush)279 static int json_lexer_feed_char(JSONLexer *lexer, char ch, bool flush)
280 {
281     int char_consumed, new_state;
282 
283     lexer->x++;
284     if (ch == '\n') {
285         lexer->x = 0;
286         lexer->y++;
287     }
288 
289     do {
290         new_state = json_lexer[lexer->state][(uint8_t)ch];
291         char_consumed = !TERMINAL_NEEDED_LOOKAHEAD(lexer->state, new_state);
292         if (char_consumed) {
293             qstring_append_chr(lexer->token, ch);
294         }
295 
296         switch (new_state) {
297         case JSON_OPERATOR:
298         case JSON_ESCAPE:
299         case JSON_INTEGER:
300         case JSON_FLOAT:
301         case JSON_KEYWORD:
302         case JSON_STRING:
303             lexer->emit(lexer, lexer->token, new_state, lexer->x, lexer->y);
304             /* fall through */
305         case JSON_SKIP:
306             QDECREF(lexer->token);
307             lexer->token = qstring_new();
308             new_state = IN_START;
309             break;
310         case IN_ERROR:
311             /* XXX: To avoid having previous bad input leaving the parser in an
312              * unresponsive state where we consume unpredictable amounts of
313              * subsequent "good" input, percolate this error state up to the
314              * tokenizer/parser by forcing a NULL object to be emitted, then
315              * reset state.
316              *
317              * Also note that this handling is required for reliable channel
318              * negotiation between QMP and the guest agent, since chr(0xFF)
319              * is placed at the beginning of certain events to ensure proper
320              * delivery when the channel is in an unknown state. chr(0xFF) is
321              * never a valid ASCII/UTF-8 sequence, so this should reliably
322              * induce an error/flush state.
323              */
324             lexer->emit(lexer, lexer->token, JSON_ERROR, lexer->x, lexer->y);
325             QDECREF(lexer->token);
326             lexer->token = qstring_new();
327             new_state = IN_START;
328             lexer->state = new_state;
329             return 0;
330         default:
331             break;
332         }
333         lexer->state = new_state;
334     } while (!char_consumed && !flush);
335 
336     /* Do not let a single token grow to an arbitrarily large size,
337      * this is a security consideration.
338      */
339     if (lexer->token->length > MAX_TOKEN_SIZE) {
340         lexer->emit(lexer, lexer->token, lexer->state, lexer->x, lexer->y);
341         QDECREF(lexer->token);
342         lexer->token = qstring_new();
343         lexer->state = IN_START;
344     }
345 
346     return 0;
347 }
348 
json_lexer_feed(JSONLexer * lexer,const char * buffer,size_t size)349 int json_lexer_feed(JSONLexer *lexer, const char *buffer, size_t size)
350 {
351     size_t i;
352 
353     for (i = 0; i < size; i++) {
354         int err;
355 
356         err = json_lexer_feed_char(lexer, buffer[i], false);
357         if (err < 0) {
358             return err;
359         }
360     }
361 
362     return 0;
363 }
364 
json_lexer_flush(JSONLexer * lexer)365 int json_lexer_flush(JSONLexer *lexer)
366 {
367     return lexer->state == IN_START ? 0 : json_lexer_feed_char(lexer, 0, true);
368 }
369 
json_lexer_destroy(JSONLexer * lexer)370 void json_lexer_destroy(JSONLexer *lexer)
371 {
372     QDECREF(lexer->token);
373 }
374