Parse the input text into an unescaped cinput, and populate item. */
| 822 | |
| 823 | /* Parse the input text into an unescaped cinput, and populate item. */ |
| 824 | static cJSON_bool parse_string(cJSON * const item, parse_buffer * const input_buffer) |
| 825 | { |
| 826 | const unsigned char *input_pointer = buffer_at_offset(input_buffer) + 1; |
| 827 | const unsigned char *input_end = buffer_at_offset(input_buffer) + 1; |
| 828 | unsigned char *output_pointer = NULL; |
| 829 | unsigned char *output = NULL; |
| 830 | |
| 831 | /* not a string */ |
| 832 | if (buffer_at_offset(input_buffer)[0] != '\"') |
| 833 | { |
| 834 | goto fail; |
| 835 | } |
| 836 | |
| 837 | { |
| 838 | /* calculate approximate size of the output (overestimate) */ |
| 839 | size_t allocation_length = 0; |
| 840 | size_t skipped_bytes = 0; |
| 841 | while (((size_t)(input_end - input_buffer->content) < input_buffer->length) && (*input_end != '\"')) |
| 842 | { |
| 843 | /* is escape sequence */ |
| 844 | if (input_end[0] == '\\') |
| 845 | { |
| 846 | if ((size_t)(input_end + 1 - input_buffer->content) >= input_buffer->length) |
| 847 | { |
| 848 | /* prevent buffer overflow when last input character is a backslash */ |
| 849 | goto fail; |
| 850 | } |
| 851 | skipped_bytes++; |
| 852 | input_end++; |
| 853 | } |
| 854 | input_end++; |
| 855 | } |
| 856 | if (((size_t)(input_end - input_buffer->content) >= input_buffer->length) || (*input_end != '\"')) |
| 857 | { |
| 858 | goto fail; /* string ended unexpectedly */ |
| 859 | } |
| 860 | |
| 861 | /* This is at most how much we need for the output */ |
| 862 | allocation_length = (size_t) (input_end - buffer_at_offset(input_buffer)) - skipped_bytes; |
| 863 | output = (unsigned char*)input_buffer->hooks.allocate(allocation_length + sizeof("")); |
| 864 | if (output == NULL) |
| 865 | { |
| 866 | goto fail; /* allocation failure */ |
| 867 | } |
| 868 | } |
| 869 | |
| 870 | output_pointer = output; |
| 871 | /* loop through the string literal */ |
| 872 | while (input_pointer < input_end) |
| 873 | { |
| 874 | if (*input_pointer != '\\') |
| 875 | { |
| 876 | *output_pointer++ = *input_pointer++; |
| 877 | } |
| 878 | /* escape sequence */ |
| 879 | else |
| 880 | { |
| 881 | unsigned char sequence_length = 2; |
no test coverage detected