From 90f8e2168bc12e74f37dc82ea78a2309c6cb53cc Mon Sep 17 00:00:00 2001 From: "skerner@chromium.org" Date: Tue, 17 Aug 2010 15:21:43 +0000 Subject: Forbid NaN and infinite numbers in extensions API type validator. BUG=51449 TEST=JsonSchemaTest.TestNumber Review URL: http://codereview.chromium.org/3158015 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@56350 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/renderer/resources/json_schema.js | 10 ++++++++++ chrome/test/data/extensions/json_schema_test.js | 21 ++++++++++++++++++--- 2 files changed, 28 insertions(+), 3 deletions(-) diff --git a/chrome/renderer/resources/json_schema.js b/chrome/renderer/resources/json_schema.js index fee7b02..ff1c0a0 100644 --- a/chrome/renderer/resources/json_schema.js +++ b/chrome/renderer/resources/json_schema.js @@ -72,6 +72,7 @@ chromeHidden.JSONSchemaValidator.messages = { stringMinLength: "String must be at least * characters long.", stringMaxLength: "String must not be more than * characters long.", stringPattern: "String must match the pattern: *.", + numberFiniteNotNan: "Value must not be *.", numberMinValue: "Value must not be less than *.", numberMaxValue: "Value must not be greater than *.", numberMaxDecimal: "Value must not have more than * decimal places.", @@ -395,6 +396,15 @@ chromeHidden.JSONSchemaValidator.prototype.validateString = function( */ chromeHidden.JSONSchemaValidator.prototype.validateNumber = function( instance, schema, path) { + + // Forbid NaN, +Infinity, and -Infinity. Our APIs don't use them, and + // JSON serialization encodes them as 'null'. Re-evaluate supporting + // them if we add an API that could reasonably take them as a parameter. + if (isNaN(instance) || + instance == Number.POSITIVE_INFINITY || + instance == Number.NEGATIVE_INFINITY ) + this.addError(path, "numberFiniteNotNan", [instance]); + if (schema.minimum && instance < schema.minimum) this.addError(path, "numberMinValue", [schema.minimum]); diff --git a/chrome/test/data/extensions/json_schema_test.js b/chrome/test/data/extensions/json_schema_test.js index 58fa8f3..ee17ec6 100644 --- a/chrome/test/data/extensions/json_schema_test.js +++ b/chrome/test/data/extensions/json_schema_test.js @@ -235,7 +235,7 @@ function testObject() { assertValid("Object", b, classBSchema); assertValid("Object", b, classASchema); assertNotValid("Object", c, classASchema, - [formatError("notInstance", [classASchema.isInstanceOf])]); + [formatError("notInstance", [classASchema.isInstanceOf])]); } function testTypeReference() { @@ -293,8 +293,8 @@ function testTypeReference() { // Failures in validation, but succesful schema reference. assertNotValid("", {foo:"foo",bar:4,baz:"a"}, schema, [formatError("stringMinLength", [2])], referencedTypes); - assertNotValid("", {foo:"foo",bar:20,baz:"abc"}, schema, - [formatError("numberMaxValue", [10])], referencedTypes); + assertNotValid("", {foo:"foo",bar:20,baz:"abc"}, schema, + [formatError("numberMaxValue", [10])], referencedTypes); // Remove MinLengthString type. referencedTypes.shift(); @@ -404,6 +404,21 @@ function testNumber() { assertNotValid("Number", 100.111, schema, [formatError("numberMaxValue", [schema.maximum]), formatError("numberMaxDecimal", [schema.maxDecimal])]); + + var nan = 0/0; + assert(isNaN(nan)); + assertNotValid("Number", nan, schema, + [formatError("numberFiniteNotNan", ["NaN"])]); + + assertNotValid("Number", Number.POSITIVE_INFINITY, schema, + [formatError("numberFiniteNotNan", ["Infinity"]), + formatError("numberMaxValue", [schema.maximum]) + ]); + + assertNotValid("Number", Number.NEGATIVE_INFINITY, schema, + [formatError("numberFiniteNotNan", ["-Infinity"]), + formatError("numberMinValue", [schema.minimum]) + ]); } function testType() { -- cgit v1.1