From 5502a19d1ecf7517535d995ccbc95d201e67d318 Mon Sep 17 00:00:00 2001
From: Rusty Russell <rusty@rustcorp.com.au>
Date: Wed, 1 Nov 2017 12:29:58 +1030
Subject: [PATCH] json: reject incoming JSON which has any unusual characters
 in tokens.

ie. non-printable, quotes or escapes.  We allow these outside tokens
(we expect tabs and \n for example).

This is a big hammer, but if someone really wants we can add support
later.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
---
 common/json.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/common/json.c b/common/json.c
index 6ae98637d..22f918617 100644
--- a/common/json.c
+++ b/common/json.c
@@ -272,11 +272,22 @@ bool json_get_params(const char *buffer, const jsmntok_t param[], ...)
 	return true;
 }
 
+static bool strange_chars(const char *str, size_t len)
+{
+	for (size_t i = 0; i < len; i++) {
+		if (!cisprint(str[i]) || str[i] == '"' || str[i] == '\\')
+			return true;
+	}
+
+	return false;
+}
+
 jsmntok_t *json_parse_input(const char *input, int len, bool *valid)
 {
 	jsmn_parser parser;
 	jsmntok_t *toks;
 	jsmnerr_t ret;
+	size_t i;
 
 	toks = tal_arr(input, jsmntok_t, 10);
 
@@ -303,6 +314,19 @@ again:
 	toks[ret].type = -1;
 	toks[ret].start = toks[ret].end = toks[ret].size = 0;
 
+	/* Don't allow tokens to contain weird characters (outside toks ok). */
+	for (i = 0; i < ret; i++) {
+		if (toks[i].type != JSMN_STRING
+		    && toks[i].type != JSMN_PRIMITIVE)
+			continue;
+
+		if (strange_chars(input + toks[i].start,
+				  toks[i].end - toks[i].start)) {
+			*valid = false;
+			return tal_free(toks);
+		}
+	}
+
 	return toks;
 }