json_encode: Always escape U+2028 and U+2029.

kohler · kohler · commit 1be9f5110f47 · 2015-12-29T01:31:40.000Z
These characters are illegal in Javascript, so leaving them unescaped
is risky.
diff --git a/ext/json/json_encoder.c b/ext/json/json_encoder.c
@@ -321,8 +321,8 @@ static void php_json_escape_string(smart_str *buf, char *s, size_t len, int opti
 
 	do {
 		us = (unsigned char)s[pos];
-		if (us >= 0x80 && !(options & PHP_JSON_UNESCAPED_UNICODE)) {
-			/* UTF-8 character */
+		if (us >= 0x80 && (!(options & PHP_JSON_UNESCAPED_UNICODE) || us == 0xE2)) {
+			/* UTF-8 character (and always escape U+2028/U+2029) */
 			us = php_next_utf8_char((const unsigned char *)s, len, &pos, &status);
 			if (status != SUCCESS) {
 				if (buf->s) {
@@ -332,6 +332,11 @@ static void php_json_escape_string(smart_str *buf, char *s, size_t len, int opti
 				smart_str_appendl(buf, "null", 4);
 				return;
 			}
+            if (us != 0x2028 && us != 0x2029 && (options & PHP_JSON_UNESCAPED_UNICODE)) {
+                pos -= 3;
+                us = (unsigned char)s[pos];
+                goto unescaped_char;
+            }
 			/* From http://en.wikipedia.org/wiki/UTF16 */
 			if (us >= 0x10000) {
 				unsigned int next_us;
@@ -351,6 +356,7 @@ static void php_json_escape_string(smart_str *buf, char *s, size_t len, int opti
 			smart_str_appendc(buf, digits[(us & 0xf0)   >> 4]);
 			smart_str_appendc(buf, digits[(us & 0xf)]);
 		} else {
+        unescaped_char:
 			pos++;
 
 			switch (us) {
diff --git a/ext/json/tests/json_encode_u2028_u2029.phpt b/ext/json/tests/json_encode_u2028_u2029.phpt
@@ -0,0 +1,28 @@
+--TEST--
+json_encode() tests for U+2028, U+2029
+--SKIPIF--
+<?php if (!extension_loaded("json")) print "skip"; ?>
+--FILE--
+<?php
+var_dump(json_encode(array("a\xC3\xA1b")));
+var_dump(json_encode(array("a\xC3\xA1b"), JSON_UNESCAPED_UNICODE));
+var_dump(json_encode("a\xE2\x80\xA7b"));
+var_dump(json_encode("a\xE2\x80\xA7b", JSON_UNESCAPED_UNICODE));
+var_dump(json_encode("a\xE2\x80\xA8b"));
+var_dump(json_encode("a\xE2\x80\xA8b", JSON_UNESCAPED_UNICODE));
+var_dump(json_encode("a\xE2\x80\xA9b"));
+var_dump(json_encode("a\xE2\x80\xA9b", JSON_UNESCAPED_UNICODE));
+var_dump(json_encode("a\xE2\x80\xAAb"));
+var_dump(json_encode("a\xE2\x80\xAAb", JSON_UNESCAPED_UNICODE));
+?>
+--EXPECT--
+string(12) "["a\u00e1b"]"
+string(8) "["aáb"]"
+string(10) ""a\u2027b""
+string(7) ""a‧b""
+string(10) ""a\u2028b""
+string(10) ""a\u2028b""
+string(10) ""a\u2029b""
+string(10) ""a\u2029b""
+string(10) ""a\u202ab""
+string(7) ""a‪b""
