1 /* JSON core and helpers */
2 #include "config.h"
3 #include <assert.h>
4 #include <ccan/json_escape/json_escape.h>
5 #include <ccan/mem/mem.h>
6 #include <ccan/str/hex/hex.h>
7 #include <ccan/tal/str/str.h>
8 #include <ccan/time/time.h>
9 #include <common/json.h>
10 #include <common/json_stream.h>
11 #include <common/overflows.h>
12 #include <common/utils.h>
13 #include <errno.h>
14 #include <inttypes.h>
15 #include <stdio.h>
16
json_tok_full(const char * buffer,const jsmntok_t * t)17 const char *json_tok_full(const char *buffer, const jsmntok_t *t)
18 {
19 if (t->type == JSMN_STRING)
20 return buffer + t->start - 1;
21 return buffer + t->start;
22 }
23
24 /* Include " if it's a string. */
json_tok_full_len(const jsmntok_t * t)25 int json_tok_full_len(const jsmntok_t *t)
26 {
27 if (t->type == JSMN_STRING)
28 return t->end - t->start + 2;
29 return t->end - t->start;
30 }
31
json_tok_strneq(const char * buffer,const jsmntok_t * tok,const char * str,size_t len)32 bool json_tok_strneq(const char *buffer, const jsmntok_t *tok,
33 const char *str, size_t len)
34 {
35 if (tok->type != JSMN_STRING)
36 return false;
37 return memeq(buffer + tok->start, tok->end - tok->start, str, len);
38 }
39
json_tok_streq(const char * buffer,const jsmntok_t * tok,const char * str)40 bool json_tok_streq(const char *buffer, const jsmntok_t *tok, const char *str)
41 {
42 return json_tok_strneq(buffer, tok, str, strlen(str));
43 }
44
json_tok_startswith(const char * buffer,const jsmntok_t * tok,const char * prefix)45 bool json_tok_startswith(const char *buffer, const jsmntok_t *tok,
46 const char *prefix)
47 {
48 if (tok->type != JSMN_STRING)
49 return false;
50 if (tok->end - tok->start < strlen(prefix))
51 return false;
52 return memcmp(buffer + tok->start,
53 prefix, strlen(prefix)) == 0;
54 }
55
json_tok_endswith(const char * buffer,const jsmntok_t * tok,const char * suffix)56 bool json_tok_endswith(const char *buffer, const jsmntok_t *tok,
57 const char *suffix)
58 {
59 if (tok->type != JSMN_STRING)
60 return false;
61 if (tok->end - tok->start < strlen(suffix))
62 return false;
63 return memcmp(buffer + tok->end - strlen(suffix),
64 suffix, strlen(suffix)) == 0;
65 }
66
json_strdup(const tal_t * ctx,const char * buffer,const jsmntok_t * tok)67 char *json_strdup(const tal_t *ctx, const char *buffer, const jsmntok_t *tok)
68 {
69 return tal_strndup(ctx, buffer + tok->start, tok->end - tok->start);
70 }
71
json_to_u64(const char * buffer,const jsmntok_t * tok,uint64_t * num)72 bool json_to_u64(const char *buffer, const jsmntok_t *tok,
73 uint64_t *num)
74 {
75 char *end;
76 unsigned long long l;
77
78 l = strtoull(buffer + tok->start, &end, 0);
79 if (end != buffer + tok->end)
80 return false;
81
82 BUILD_ASSERT(sizeof(l) >= sizeof(*num));
83 *num = l;
84
85 /* Check for overflow */
86 if (l == ULLONG_MAX && errno == ERANGE)
87 return false;
88
89 if (*num != l)
90 return false;
91
92 return true;
93 }
94
json_to_s64(const char * buffer,const jsmntok_t * tok,s64 * num)95 bool json_to_s64(const char *buffer, const jsmntok_t *tok, s64 *num)
96 {
97 char *end;
98 long long l;
99
100 l = strtoll(buffer + tok->start, &end, 0);
101 if (end != buffer + tok->end)
102 return false;
103
104 BUILD_ASSERT(sizeof(l) >= sizeof(*num));
105 *num = l;
106
107 /* Check for overflow/underflow */
108 if ((l == LONG_MAX || l == LONG_MIN) && errno == ERANGE)
109 return false;
110
111 /* Check if the number did not fit in `s64` (in case `long long`
112 is a bigger type). */
113 if (*num != l)
114 return false;
115
116 return true;
117 }
118
json_to_millionths(const char * buffer,const jsmntok_t * tok,u64 * millionths)119 bool json_to_millionths(const char *buffer, const jsmntok_t *tok,
120 u64 *millionths)
121 {
122 int decimal_places = -1;
123 bool has_digits = 0;
124
125 *millionths = 0;
126 for (int i = tok->start; i < tok->end; i++) {
127 if (isdigit(buffer[i])) {
128 has_digits = true;
129 /* Ignore too much precision */
130 if (decimal_places >= 0 && ++decimal_places > 6)
131 continue;
132 if (mul_overflows_u64(*millionths, 10))
133 return false;
134 *millionths *= 10;
135 if (add_overflows_u64(*millionths, buffer[i] - '0'))
136 return false;
137 *millionths += buffer[i] - '0';
138 } else if (buffer[i] == '.') {
139 if (decimal_places != -1)
140 return false;
141 decimal_places = 0;
142 } else
143 return false;
144 }
145
146 if (!has_digits)
147 return false;
148
149 if (decimal_places == -1)
150 decimal_places = 0;
151
152 while (decimal_places < 6) {
153 if (mul_overflows_u64(*millionths, 10))
154 return false;
155 *millionths *= 10;
156 decimal_places++;
157 }
158 return true;
159 }
160
json_to_number(const char * buffer,const jsmntok_t * tok,unsigned int * num)161 bool json_to_number(const char *buffer, const jsmntok_t *tok,
162 unsigned int *num)
163 {
164 uint64_t u64;
165
166 if (!json_to_u64(buffer, tok, &u64))
167 return false;
168 *num = u64;
169
170 /* Just in case it doesn't fit. */
171 if (*num != u64)
172 return false;
173 return true;
174 }
175
json_to_u16(const char * buffer,const jsmntok_t * tok,short unsigned int * num)176 bool json_to_u16(const char *buffer, const jsmntok_t *tok,
177 short unsigned int *num)
178 {
179 uint64_t u64;
180
181 if (!json_to_u64(buffer, tok, &u64))
182 return false;
183 *num = u64;
184
185 /* Just in case it doesn't fit. */
186 if (*num != u64)
187 return false;
188 return true;
189 }
190
json_to_u32(const char * buffer,const jsmntok_t * tok,uint32_t * num)191 bool json_to_u32(const char *buffer, const jsmntok_t *tok,
192 uint32_t *num)
193 {
194 uint64_t u64;
195
196 if (!json_to_u64(buffer, tok, &u64))
197 return false;
198 *num = u64;
199
200 /* Just in case it doesn't fit. */
201 if (*num != u64)
202 return false;
203 return true;
204 }
205
json_to_int(const char * buffer,const jsmntok_t * tok,int * num)206 bool json_to_int(const char *buffer, const jsmntok_t *tok, int *num)
207 {
208 s64 tmp;
209
210 if (!json_to_s64(buffer, tok, &tmp))
211 return false;
212 *num = tmp;
213
214 /* Just in case it doesn't fit. */
215 if (*num != tmp)
216 return false;
217
218 return true;
219 }
220
json_to_errcode(const char * buffer,const jsmntok_t * tok,errcode_t * errcode)221 bool json_to_errcode(const char *buffer, const jsmntok_t *tok, errcode_t *errcode)
222 {
223 s64 tmp;
224
225 if (!json_to_s64(buffer, tok, &tmp))
226 return false;
227 *errcode = tmp;
228
229 /* Just in case it doesn't fit. */
230 if (*errcode != tmp)
231 return false;
232
233 return true;
234 }
235
json_to_bool(const char * buffer,const jsmntok_t * tok,bool * b)236 bool json_to_bool(const char *buffer, const jsmntok_t *tok, bool *b)
237 {
238 if (tok->type != JSMN_PRIMITIVE)
239 return false;
240 if (memeqstr(buffer + tok->start, tok->end - tok->start, "true")) {
241 *b = true;
242 return true;
243 }
244 if (memeqstr(buffer + tok->start, tok->end - tok->start, "false")) {
245 *b = false;
246 return true;
247 }
248 return false;
249 }
250
json_to_sha256(const char * buffer,const jsmntok_t * tok,struct sha256 * dest)251 bool json_to_sha256(const char *buffer, const jsmntok_t *tok, struct sha256 *dest)
252 {
253 if (tok->type != JSMN_STRING)
254 return false;
255
256 return hex_decode(buffer + tok->start, tok->end - tok->start, dest,
257 sizeof(struct sha256));
258 }
259
json_tok_bin_from_hex(const tal_t * ctx,const char * buffer,const jsmntok_t * tok)260 u8 *json_tok_bin_from_hex(const tal_t *ctx, const char *buffer, const jsmntok_t *tok)
261 {
262 u8 *result;
263 size_t hexlen, rawlen;
264 hexlen = tok->end - tok->start;
265 rawlen = hex_data_size(hexlen);
266
267 result = tal_arr(ctx, u8, rawlen);
268 if (!hex_decode(buffer + tok->start, hexlen, result, rawlen))
269 return tal_free(result);
270
271 return result;
272 }
273
json_tok_is_num(const char * buffer,const jsmntok_t * tok)274 bool json_tok_is_num(const char *buffer, const jsmntok_t *tok)
275 {
276 if (tok->type != JSMN_PRIMITIVE)
277 return false;
278
279 for (int i = tok->start; i < tok->end; i++)
280 if (!cisdigit(buffer[i]))
281 return false;
282 return true;
283 }
284
json_tok_is_null(const char * buffer,const jsmntok_t * tok)285 bool json_tok_is_null(const char *buffer, const jsmntok_t *tok)
286 {
287 if (tok->type != JSMN_PRIMITIVE)
288 return false;
289 return buffer[tok->start] == 'n';
290 }
291
json_next(const jsmntok_t * tok)292 const jsmntok_t *json_next(const jsmntok_t *tok)
293 {
294 const jsmntok_t *t;
295 size_t i;
296
297 for (t = tok + 1, i = 0; i < tok->size; i++)
298 t = json_next(t);
299
300 return t;
301 }
302
json_get_membern(const char * buffer,const jsmntok_t tok[],const char * label,size_t len)303 const jsmntok_t *json_get_membern(const char *buffer, const jsmntok_t tok[],
304 const char *label, size_t len)
305 {
306 const jsmntok_t *t;
307 size_t i;
308
309 if (tok->type != JSMN_OBJECT)
310 return NULL;
311
312 json_for_each_obj(i, t, tok)
313 if (json_tok_strneq(buffer, t, label, len))
314 return t + 1;
315
316 return NULL;
317 }
318
json_get_member(const char * buffer,const jsmntok_t tok[],const char * label)319 const jsmntok_t *json_get_member(const char *buffer, const jsmntok_t tok[],
320 const char *label)
321 {
322 return json_get_membern(buffer, tok, label, strlen(label));
323 }
324
json_get_arr(const jsmntok_t tok[],size_t index)325 const jsmntok_t *json_get_arr(const jsmntok_t tok[], size_t index)
326 {
327 const jsmntok_t *t;
328 size_t i;
329
330 if (tok->type != JSMN_ARRAY)
331 return NULL;
332
333 json_for_each_arr(i, t, tok) {
334 if (index == 0)
335 return t;
336 index--;
337 }
338
339 return NULL;
340 }
341
342 /*-----------------------------------------------------------------------------
343 JSMN Result Validation Starts
344 -----------------------------------------------------------------------------*/
345 /*~ LIBJSMN is a fast, small JSON parsing library.
346 *
347 * "Fast, small" means it does not, in fact, do a
348 * lot of checking for invalid JSON.
349 *
350 * For example, by itself it would accept the strings
351 * `{"1" "2" "3" "4"}` and `["key": 1 2 3 4]` as valid.
352 * Obviously those are not in any way valid JSON.
353 *
354 * This part of the code performs some filtering so
355 * that at least some of the invalid JSON that
356 * LIBJSMN accepts, will be rejected by
357 * json_parse_input. It also checks that strings are valid UTF-8.
358 */
359
360 /*~ These functions are used in JSMN validation.
361 *
362 * The calling convention is that the "current" token
363 * is passed in as the first argument, and after the
364 * validator, is returned from the function.
365 *
366 * p = validate_jsmn_datum(p, end, valid);
367 *
368 * The reason has to do with typical C ABIs.
369 * Usually, the first few arguments are passed in via
370 * register, and the return value is also returned
371 * via register.
372 * This calling convention generally ensures that
373 * the current token pointer `p` is always in a
374 * register and is never forced into memory by the
375 * compiler.
376 *
377 * These functions are pre-declared here as they
378 * are interrecursive.
379 * Note that despite the recursion, `p` is only ever
380 * advanced, and there is only ever one `p` value,
381 * thus the overall algorithm is strict O(n)
382 * (*not* amortized) in time.
383 * The recursion does mean the algorithm is O(d)
384 * in memory (specifically stack frames), where d
385 * is the nestedness of objects in the input.
386 * This may become an issue later if we are in a
387 * stack-limited environment, such as if we actually
388 * went and used threads.
389 */
390 /* Validate a *single* datum. */
391 static const jsmntok_t *
392 validate_jsmn_datum(const char *buf,
393 const jsmntok_t *p,
394 const jsmntok_t *end,
395 bool *valid);
396 /*~ Validate a key-value pair.
397 *
398 * In JSMN, objects are not dictionaries.
399 * Instead, they are a sequence of datums.
400 *
401 * In fact, objects and arrays in JSMN are "the same",
402 * they only differ in delimiter characters.
403 *
404 * Of course, in "real" JSON, an object is a dictionary
405 * of key-value pairs.
406 *
407 * So what JSMN does is that the syntax "key": "value"
408 * is considered a *single* datum, a string "key"
409 * that contains a value "value".
410 *
411 * Indeed, JSMN accepts `["key": "value"]` as well as
412 * `{"item1", "item2"}`.
413 * The entire point of the validate_jsmn_result function
414 * is to reject such improper arrays and objects.
415 */
416 static const jsmntok_t *
417 validate_jsmn_keyvalue(const char *buf,
418 const jsmntok_t *p,
419 const jsmntok_t *end,
420 bool *valid);
421
422 static const jsmntok_t *
validate_jsmn_datum(const char * buf,const jsmntok_t * p,const jsmntok_t * end,bool * valid)423 validate_jsmn_datum(const char *buf,
424 const jsmntok_t *p,
425 const jsmntok_t *end,
426 bool *valid)
427 {
428 int i;
429 int sz;
430
431 if (p >= end) {
432 *valid = false;
433 return p;
434 }
435
436 switch (p->type) {
437 case JSMN_STRING:
438 if (!utf8_check(buf + p->start, p->end - p->start))
439 *valid = false;
440 /* Fall thru */
441 case JSMN_UNDEFINED:
442 case JSMN_PRIMITIVE:
443 /* These types should not have sub-datums. */
444 if (p->size != 0)
445 *valid = false;
446 else
447 ++p;
448 break;
449
450 case JSMN_ARRAY:
451 /* Save the array size; we will advance p. */
452 sz = p->size;
453 ++p;
454 for (i = 0; i < sz; ++i) {
455 /* Arrays should only contain standard JSON datums. */
456 p = validate_jsmn_datum(buf, p, end, valid);
457 if (!*valid)
458 break;
459 }
460 break;
461
462 case JSMN_OBJECT:
463 /* Save the object size; we will advance p. */
464 sz = p->size;
465 ++p;
466 for (i = 0; i < sz; ++i) {
467 /* Objects should only contain key-value pairs. */
468 p = validate_jsmn_keyvalue(buf, p, end, valid);
469 if (!*valid)
470 break;
471 }
472 break;
473
474 default:
475 *valid = false;
476 break;
477 }
478
479 return p;
480 }
481 /* Key-value pairs *must* be strings with size 1. */
482 static inline const jsmntok_t *
validate_jsmn_keyvalue(const char * buf,const jsmntok_t * p,const jsmntok_t * end,bool * valid)483 validate_jsmn_keyvalue(const char *buf,
484 const jsmntok_t *p,
485 const jsmntok_t *end,
486 bool *valid)
487 {
488 if (p >= end) {
489 *valid = false;
490 return p;
491 }
492
493 /* Check key.
494 *
495 * JSMN parses the syntax `"key": "value"` as a
496 * JSMN_STRING of size 1, containing the value
497 * datum as a sub-datum.
498 *
499 * Thus, keys in JSON objects are really strings
500 * that "contain" the value, thus we check if
501 * the size is 1.
502 *
503 * JSMN supports a non-standard syntax such as
504 * `"key": 1 2 3 4`, which it considers as a
505 * string object that contains a sequence of
506 * sub-datums 1 2 3 4.
507 * The check below that p->size == 1 also
508 * incidentally rejects that non-standard
509 * JSON.
510 */
511 if (p->type != JSMN_STRING || p->size != 1
512 || !utf8_check(buf + p->start, p->end - p->start)) {
513 *valid = false;
514 return p;
515 }
516
517 ++p;
518 return validate_jsmn_datum(buf, p, end, valid);
519 }
520
521 /** validate_jsmn_parse_output
522 *
523 * @brief Validates the result of jsmn_parse.
524 *
525 * @desc LIBJMSN is a small fast library, not a
526 * comprehensive library.
527 *
528 * This simply means that LIBJSMN will accept a
529 * *lot* of very strange text that is technically
530 * not JSON.
531 *
532 * For example, LIBJSMN would accept the strings
533 * `{"1" "2" "3" "4"}` and `["key": 1 2 3 4]` as valid.
534 *
535 * This can lead to strange sequences of jsmntok_t
536 * objects.
537 * Unfortunately, most of our code assumes that
538 * the data fed into our JSON-RPC interface is
539 * valid JSON, and in particular is not invalid
540 * JSON that tickles LIBJSMN into emitting
541 * strange sequences of `jsmntok_t`.
542 *
543 * This function detects such possible problems
544 * and returns false if such an issue is found.
545 * If so, it is probably unsafe to pass the
546 * `jsmntok_t` generated by LIBJSMN to any other
547 * parts of our code.
548 *
549 * @param p - The first jsmntok_t token to process.
550 * This function does not assume that semantically
551 * only one JSON datum is processed; it does expect
552 * a sequence of complete JSON datums (which is
553 * what LIBJSMN *should* output).
554 * @param end - One past the end of jsmntok_t.
555 * Basically, this function is assured to read tokens
556 * starting at p up to end - 1.
557 * If p >= end, this will not validate anything and
558 * trivially return true.
559 *
560 * @return true if there appears to be no problem
561 * with the jsmntok_t sequence outputted by
562 * `jsmn_parse`, false otherwise.
563 */
564 static bool
validate_jsmn_parse_output(const char * buf,const jsmntok_t * p,const jsmntok_t * end)565 validate_jsmn_parse_output(const char *buf,
566 const jsmntok_t *p, const jsmntok_t *end)
567 {
568 bool valid = true;
569
570 while (p < end && valid)
571 p = validate_jsmn_datum(buf, p, end, &valid);
572
573 return valid;
574 }
575
576 /*-----------------------------------------------------------------------------
577 JSMN Result Validation Ends
578 -----------------------------------------------------------------------------*/
579
toks_reset(jsmntok_t * toks)580 void toks_reset(jsmntok_t *toks)
581 {
582 assert(tal_count(toks) >= 1);
583 toks[0].type = JSMN_UNDEFINED;
584 }
585
toks_alloc(const tal_t * ctx)586 jsmntok_t *toks_alloc(const tal_t *ctx)
587 {
588 jsmntok_t *toks = tal_arr(ctx, jsmntok_t, 10);
589 toks_reset(toks);
590 return toks;
591 }
592
json_parse_input(jsmn_parser * parser,jsmntok_t ** toks,const char * input,int len,bool * complete)593 bool json_parse_input(jsmn_parser *parser,
594 jsmntok_t **toks,
595 const char *input, int len,
596 bool *complete)
597 {
598 int ret;
599
600 again:
601 ret = jsmn_parse(parser, input, len, *toks, tal_count(*toks) - 1);
602
603 switch (ret) {
604 case JSMN_ERROR_INVAL:
605 return false;
606 case JSMN_ERROR_NOMEM:
607 tal_resize(toks, tal_count(*toks) * 2);
608 goto again;
609 }
610
611 /* Check whether we read at least one full root element, i.e., root
612 * element has its end set. */
613 if ((*toks)[0].type == JSMN_UNDEFINED || (*toks)[0].end == -1) {
614 *complete = false;
615 return true;
616 }
617
618 /* If we read a partial element at the end of the stream we'll get a
619 * ret=JSMN_ERROR_PART, but due to the previous check we know we read at
620 * least one full element, so count tokens that are part of this root
621 * element. */
622 ret = json_next(*toks) - *toks;
623
624 if (!validate_jsmn_parse_output(input, *toks, *toks + ret))
625 return false;
626
627 /* Cut to length and return. */
628 tal_resize(toks, ret + 1);
629 /* Make sure last one is always referenceable. */
630 (*toks)[ret].type = -1;
631 (*toks)[ret].start = (*toks)[ret].end = (*toks)[ret].size = 0;
632
633 *complete = true;
634 return true;
635 }
636
json_parse_simple(const tal_t * ctx,const char * input,int len)637 jsmntok_t *json_parse_simple(const tal_t *ctx, const char *input, int len)
638 {
639 bool complete;
640 jsmn_parser parser;
641 jsmntok_t *toks = toks_alloc(ctx);
642
643 jsmn_init(&parser);
644
645 if (!json_parse_input(&parser, &toks, input, len, &complete)
646 || !complete)
647 return tal_free(toks);
648 return toks;
649 }
650
jsmntype_to_string(jsmntype_t t)651 const char *jsmntype_to_string(jsmntype_t t)
652 {
653 switch (t) {
654 case JSMN_UNDEFINED :
655 return "UNDEFINED";
656 case JSMN_OBJECT :
657 return "OBJECT";
658 case JSMN_ARRAY :
659 return "ARRAY";
660 case JSMN_STRING :
661 return "STRING";
662 case JSMN_PRIMITIVE :
663 return "PRIMITIVE";
664 }
665 return "INVALID";
666 }
667
json_tok_print(const char * buffer,const jsmntok_t * tok)668 void json_tok_print(const char *buffer, const jsmntok_t *tok)
669 {
670 const jsmntok_t *first = tok;
671 const jsmntok_t *last = json_next(tok);
672 printf("size: %d, count: %td\n", tok->size, last - first);
673 while (first != last) {
674 printf("%td. %.*s, %s\n", first - tok,
675 first->end - first->start, buffer + first->start,
676 jsmntype_to_string(first->type));
677 first++;
678 }
679 printf("\n");
680 }
681
json_tok_copy(const tal_t * ctx,const jsmntok_t * tok)682 jsmntok_t *json_tok_copy(const tal_t *ctx, const jsmntok_t *tok)
683 {
684 return tal_dup_arr(ctx, jsmntok_t, tok, json_next(tok) - tok, 0);
685 }
686
json_tok_remove(jsmntok_t ** tokens,jsmntok_t * obj_or_array,const jsmntok_t * tok,size_t num)687 void json_tok_remove(jsmntok_t **tokens,
688 jsmntok_t *obj_or_array, const jsmntok_t *tok, size_t num)
689 {
690 const jsmntok_t *src = tok;
691 const jsmntok_t *end = json_next(*tokens);
692 jsmntok_t *dest = *tokens + (tok - *tokens);
693 int remove_count;
694
695 assert(*tokens);
696 assert(obj_or_array->type == JSMN_ARRAY
697 || obj_or_array->type == JSMN_OBJECT);
698 /* obj_or_array must be inside tokens, and tok must be inside
699 * obj_or_array */
700 assert(obj_or_array >= *tokens
701 && obj_or_array < *tokens + tal_count(*tokens));
702 assert(tok >= obj_or_array
703 && tok < *tokens + tal_count(*tokens));
704
705 for (int i = 0; i < num; i++)
706 src = json_next(src);
707
708 /* Don't give us a num which goes over end of obj_or_array. */
709 assert(src <= json_next(obj_or_array));
710
711 remove_count = src - tok;
712
713 memmove(dest, src, sizeof(jsmntok_t) * (end - src));
714
715 /* Subtract first: this ptr may move after tal_resize! */
716 obj_or_array->size -= num;
717 tal_resize(tokens, tal_count(*tokens) - remove_count);
718 }
719
720 /* talfmt take a ctx pointer and return NULL or a valid pointer.
721 * fmt takes the argument, and returns a bool.
722 *
723 * This function returns NULL on success, or errmsg on failure.
724 */
handle_percent(const char * buffer,const jsmntok_t * tok,va_list * ap)725 static const char *handle_percent(const char *buffer,
726 const jsmntok_t *tok,
727 va_list *ap)
728 {
729 void *ctx;
730 const char *fmtname;
731
732 /* This is set to (dummy) json_scan if it's a non-tal fmt */
733 ctx = va_arg(*ap, void *);
734 fmtname = va_arg(*ap, const char *);
735 if (ctx != json_scan) {
736 void *(*talfmt)(void *, const char *, const jsmntok_t *);
737 void **p;
738 p = va_arg(*ap, void **);
739 talfmt = va_arg(*ap, void *(*)(void *, const char *, const jsmntok_t *));
740 *p = talfmt(ctx, buffer, tok);
741 if (*p != NULL)
742 return NULL;
743 } else {
744 bool (*fmt)(const char *, const jsmntok_t *, void *);
745 void *p;
746
747 p = va_arg(*ap, void *);
748 fmt = va_arg(*ap, bool (*)(const char *, const jsmntok_t *, void *));
749 if (fmt(buffer, tok, p))
750 return NULL;
751 }
752
753 return tal_fmt(tmpctx, "%s could not parse %.*s",
754 fmtname,
755 json_tok_full_len(tok),
756 json_tok_full(buffer, tok));
757 }
758
759 /* GUIDE := OBJ | ARRAY | '%'
760 * OBJ := '{' FIELDLIST '}'
761 * FIELDLIST := FIELD [',' FIELD]*
762 * FIELD := LITERAL ':' FIELDVAL
763 * FIELDVAL := OBJ | ARRAY | LITERAL | '%'
764 * ARRAY := '[' ARRLIST ']'
765 * ARRLIST := ARRELEM [',' ARRELEM]*
766 * ARRELEM := NUMBER ':' FIELDVAL
767 */
768
parse_literal(const char ** guide,const char ** literal,size_t * len)769 static void parse_literal(const char **guide,
770 const char **literal,
771 size_t *len)
772 {
773 *literal = *guide;
774 *len = strspn(*guide,
775 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
776 "abcdefghijklmnopqrstuvwxyz"
777 "0123456789"
778 "_-");
779 *guide += *len;
780 }
781
parse_number(const char ** guide,u32 * number)782 static void parse_number(const char **guide, u32 *number)
783 {
784 char *endp;
785 long int l;
786
787 l = strtol(*guide, &endp, 10);
788 assert(endp != *guide);
789 assert(errno != ERANGE);
790
791 /* Test for overflow */
792 *number = l;
793 assert(*number == l);
794
795 *guide = endp;
796 }
797
guide_consume_one(const char ** guide)798 static char guide_consume_one(const char **guide)
799 {
800 char c = **guide;
801 (*guide)++;
802 return c;
803 }
804
guide_must_be(const char ** guide,char c)805 static void guide_must_be(const char **guide, char c)
806 {
807 char actual = guide_consume_one(guide);
808 assert(actual == c);
809 }
810
811 /* Recursion: return NULL on success, errmsg on fail */
812 static const char *parse_obj(const char *buffer,
813 const jsmntok_t *tok,
814 const char **guide,
815 va_list *ap);
816
817 static const char *parse_arr(const char *buffer,
818 const jsmntok_t *tok,
819 const char **guide,
820 va_list *ap);
821
parse_guide(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)822 static const char *parse_guide(const char *buffer,
823 const jsmntok_t *tok,
824 const char **guide,
825 va_list *ap)
826 {
827 const char *errmsg;
828
829 if (**guide == '{') {
830 errmsg = parse_obj(buffer, tok, guide, ap);
831 if (errmsg)
832 return errmsg;
833 } else if (**guide == '[') {
834 errmsg = parse_arr(buffer, tok, guide, ap);
835 if (errmsg)
836 return errmsg;
837 } else {
838 guide_must_be(guide, '%');
839 errmsg = handle_percent(buffer, tok, ap);
840 if (errmsg)
841 return errmsg;
842 }
843 return NULL;
844 }
845
parse_fieldval(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)846 static const char *parse_fieldval(const char *buffer,
847 const jsmntok_t *tok,
848 const char **guide,
849 va_list *ap)
850 {
851 const char *errmsg;
852
853 if (**guide == '{') {
854 errmsg = parse_obj(buffer, tok, guide, ap);
855 if (errmsg)
856 return errmsg;
857 } else if (**guide == '[') {
858 errmsg = parse_arr(buffer, tok, guide, ap);
859 if (errmsg)
860 return errmsg;
861 } else if (**guide == '%') {
862 guide_consume_one(guide);
863 errmsg = handle_percent(buffer, tok, ap);
864 if (errmsg)
865 return errmsg;
866 } else {
867 const char *literal;
868 size_t len;
869
870 /* Literal must match exactly (modulo quotes for strings) */
871 parse_literal(guide, &literal, &len);
872 if (!memeq(buffer + tok->start, tok->end - tok->start,
873 literal, len)) {
874 return tal_fmt(tmpctx,
875 "%.*s does not match expected %.*s",
876 json_tok_full_len(tok),
877 json_tok_full(buffer, tok),
878 (int)len, literal);
879 }
880 }
881 return NULL;
882 }
883
parse_field(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)884 static const char *parse_field(const char *buffer,
885 const jsmntok_t *tok,
886 const char **guide,
887 va_list *ap)
888 {
889 const jsmntok_t *member;
890 size_t len;
891 const char *memname;
892
893 parse_literal(guide, &memname, &len);
894 guide_must_be(guide, ':');
895
896 member = json_get_membern(buffer, tok, memname, len);
897 if (!member) {
898 return tal_fmt(tmpctx, "object does not have member %.*s",
899 (int)len, memname);
900 }
901
902 return parse_fieldval(buffer, member, guide, ap);
903 }
904
parse_fieldlist(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)905 static const char *parse_fieldlist(const char *buffer,
906 const jsmntok_t *tok,
907 const char **guide,
908 va_list *ap)
909 {
910 for (;;) {
911 const char *errmsg;
912
913 errmsg = parse_field(buffer, tok, guide, ap);
914 if (errmsg)
915 return errmsg;
916 if (**guide != ',')
917 break;
918 guide_consume_one(guide);
919 }
920 return NULL;
921 }
922
parse_obj(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)923 static const char *parse_obj(const char *buffer,
924 const jsmntok_t *tok,
925 const char **guide,
926 va_list *ap)
927 {
928 const char *errmsg;
929
930 guide_must_be(guide, '{');
931
932 if (tok->type != JSMN_OBJECT) {
933 return tal_fmt(tmpctx, "token is not an object: %.*s",
934 json_tok_full_len(tok),
935 json_tok_full(buffer, tok));
936 }
937
938 errmsg = parse_fieldlist(buffer, tok, guide, ap);
939 if (errmsg)
940 return errmsg;
941
942 guide_must_be(guide, '}');
943 return NULL;
944 }
945
parse_arrelem(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)946 static const char *parse_arrelem(const char *buffer,
947 const jsmntok_t *tok,
948 const char **guide,
949 va_list *ap)
950 {
951 const jsmntok_t *member;
952 u32 idx;
953
954 parse_number(guide, &idx);
955 guide_must_be(guide, ':');
956
957 member = json_get_arr(tok, idx);
958 if (!member) {
959 return tal_fmt(tmpctx, "token has no index %u: %.*s",
960 idx,
961 json_tok_full_len(tok),
962 json_tok_full(buffer, tok));
963 }
964
965 return parse_fieldval(buffer, member, guide, ap);
966 }
967
parse_arrlist(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)968 static const char *parse_arrlist(const char *buffer,
969 const jsmntok_t *tok,
970 const char **guide,
971 va_list *ap)
972 {
973 const char *errmsg;
974
975 for (;;) {
976 errmsg = parse_arrelem(buffer, tok, guide, ap);
977 if (errmsg)
978 return errmsg;
979 if (**guide != ',')
980 break;
981 guide_consume_one(guide);
982 }
983 return NULL;
984 }
985
parse_arr(const char * buffer,const jsmntok_t * tok,const char ** guide,va_list * ap)986 static const char *parse_arr(const char *buffer,
987 const jsmntok_t *tok,
988 const char **guide,
989 va_list *ap)
990 {
991 const char *errmsg;
992
993 guide_must_be(guide, '[');
994
995 if (tok->type != JSMN_ARRAY) {
996 return tal_fmt(tmpctx, "token is not an array: %.*s",
997 json_tok_full_len(tok),
998 json_tok_full(buffer, tok));
999 }
1000
1001 errmsg = parse_arrlist(buffer, tok, guide, ap);
1002 if (errmsg)
1003 return errmsg;
1004
1005 guide_must_be(guide, ']');
1006 return NULL;
1007 }
1008
json_scanv(const tal_t * ctx,const char * buffer,const jsmntok_t * tok,const char * guide,va_list ap)1009 const char *json_scanv(const tal_t *ctx,
1010 const char *buffer,
1011 const jsmntok_t *tok,
1012 const char *guide,
1013 va_list ap)
1014 {
1015 va_list cpy;
1016 const char *orig_guide = guide, *errmsg;
1017
1018 /* We need this, since &ap doesn't work on some platforms... */
1019 va_copy(cpy, ap);
1020 errmsg = parse_guide(buffer, tok, &guide, &cpy);
1021 va_end(cpy);
1022
1023 if (errmsg) {
1024 return tal_fmt(ctx, "Parsing '%.*s': %s",
1025 (int)(guide - orig_guide), orig_guide,
1026 errmsg);
1027 }
1028 assert(guide[0] == '\0');
1029 return NULL;
1030 }
1031
json_scan(const tal_t * ctx,const char * buffer,const jsmntok_t * tok,const char * guide,...)1032 const char *json_scan(const tal_t *ctx,
1033 const char *buffer,
1034 const jsmntok_t *tok,
1035 const char *guide,
1036 ...)
1037 {
1038 va_list ap;
1039 const char *ret;
1040
1041 va_start(ap, guide);
1042 ret = json_scanv(ctx, buffer, tok, guide, ap);
1043 va_end(ap);
1044 return ret;
1045 }
1046
json_add_num(struct json_stream * result,const char * fieldname,unsigned int value)1047 void json_add_num(struct json_stream *result, const char *fieldname, unsigned int value)
1048 {
1049 json_add_member(result, fieldname, false, "%u", value);
1050 }
1051
json_add_u64(struct json_stream * result,const char * fieldname,uint64_t value)1052 void json_add_u64(struct json_stream *result, const char *fieldname,
1053 uint64_t value)
1054 {
1055 json_add_member(result, fieldname, false, "%"PRIu64, value);
1056 }
1057
json_add_s64(struct json_stream * result,const char * fieldname,int64_t value)1058 void json_add_s64(struct json_stream *result, const char *fieldname,
1059 int64_t value)
1060 {
1061 json_add_member(result, fieldname, false, "%"PRIi64, value);
1062 }
1063
json_add_u32(struct json_stream * result,const char * fieldname,uint32_t value)1064 void json_add_u32(struct json_stream *result, const char *fieldname,
1065 uint32_t value)
1066 {
1067 json_add_member(result, fieldname, false, "%u", value);
1068 }
1069
json_add_s32(struct json_stream * result,const char * fieldname,int32_t value)1070 void json_add_s32(struct json_stream *result, const char *fieldname,
1071 int32_t value)
1072 {
1073 json_add_member(result, fieldname, false, "%d", value);
1074 }
1075
json_add_literal(struct json_stream * result,const char * fieldname,const char * literal,int len)1076 void json_add_literal(struct json_stream *result, const char *fieldname,
1077 const char *literal, int len)
1078 {
1079 /* Literal may contain quotes, so bypass normal checks */
1080 char *dest = json_member_direct(result, fieldname, len);
1081 if (dest)
1082 memcpy(dest, literal, len);
1083 }
1084
json_add_stringn(struct json_stream * result,const char * fieldname,const char * value TAKES,size_t value_len)1085 void json_add_stringn(struct json_stream *result, const char *fieldname,
1086 const char *value TAKES, size_t value_len)
1087 {
1088 json_add_member(result, fieldname, true, "%.*s", (int)value_len, value);
1089 if (taken(value))
1090 tal_free(value);
1091 }
1092
json_add_string(struct json_stream * result,const char * fieldname,const char * value TAKES)1093 void json_add_string(struct json_stream *result, const char *fieldname, const char *value TAKES)
1094 {
1095 json_add_stringn(result, fieldname, value, strlen(value));
1096 }
1097
json_add_bool(struct json_stream * result,const char * fieldname,bool value)1098 void json_add_bool(struct json_stream *result, const char *fieldname, bool value)
1099 {
1100 json_add_member(result, fieldname, false, value ? "true" : "false");
1101 }
1102
json_add_null(struct json_stream * stream,const char * fieldname)1103 void json_add_null(struct json_stream *stream, const char *fieldname)
1104 {
1105 json_add_member(stream, fieldname, false, "null");
1106 }
1107
json_add_hex(struct json_stream * js,const char * fieldname,const void * data,size_t len)1108 void json_add_hex(struct json_stream *js, const char *fieldname,
1109 const void *data, size_t len)
1110 {
1111 /* Size without NUL term */
1112 size_t hexlen = hex_str_size(len) - 1;
1113 char *dest;
1114
1115 dest = json_member_direct(js, fieldname, 1 + hexlen + 1);
1116 if (dest) {
1117 dest[0] = '"';
1118 if (!hex_encode(data, len, dest + 1, hexlen + 1))
1119 abort();
1120 dest[1+hexlen] = '"';
1121 }
1122 }
1123
json_add_hex_talarr(struct json_stream * result,const char * fieldname,const tal_t * data)1124 void json_add_hex_talarr(struct json_stream *result,
1125 const char *fieldname,
1126 const tal_t *data)
1127 {
1128 json_add_hex(result, fieldname, data, tal_bytelen(data));
1129 }
1130
json_add_escaped_string(struct json_stream * result,const char * fieldname,const struct json_escape * esc TAKES)1131 void json_add_escaped_string(struct json_stream *result, const char *fieldname,
1132 const struct json_escape *esc TAKES)
1133 {
1134 /* Already escaped, don't re-escape! */
1135 char *dest = json_member_direct(result, fieldname,
1136 1 + strlen(esc->s) + 1);
1137
1138 if (dest) {
1139 dest[0] = '"';
1140 memcpy(dest + 1, esc->s, strlen(esc->s));
1141 dest[1+strlen(esc->s)] = '"';
1142 }
1143 if (taken(esc))
1144 tal_free(esc);
1145 }
1146
json_add_timeabs(struct json_stream * result,const char * fieldname,struct timeabs t)1147 void json_add_timeabs(struct json_stream *result, const char *fieldname,
1148 struct timeabs t)
1149 {
1150 json_add_member(result, fieldname, false, "%" PRIu64 ".%03" PRIu64,
1151 (u64)t.ts.tv_sec, (u64)t.ts.tv_nsec / 1000000);
1152 }
1153
json_add_time(struct json_stream * result,const char * fieldname,struct timespec ts)1154 void json_add_time(struct json_stream *result, const char *fieldname,
1155 struct timespec ts)
1156 {
1157 char timebuf[100];
1158
1159 snprintf(timebuf, sizeof(timebuf), "%lu.%09u",
1160 (unsigned long)ts.tv_sec,
1161 (unsigned)ts.tv_nsec);
1162 json_add_string(result, fieldname, timebuf);
1163 }
1164
json_add_timeiso(struct json_stream * result,const char * fieldname,struct timeabs * time)1165 void json_add_timeiso(struct json_stream *result,
1166 const char *fieldname,
1167 struct timeabs *time)
1168 {
1169 char iso8601_msec_fmt[sizeof("YYYY-mm-ddTHH:MM:SS.%03dZ")];
1170 char iso8601_s[sizeof("YYYY-mm-ddTHH:MM:SS.nnnZ")];
1171
1172 strftime(iso8601_msec_fmt, sizeof(iso8601_msec_fmt),
1173 "%FT%T.%%03dZ", gmtime(&time->ts.tv_sec));
1174 snprintf(iso8601_s, sizeof(iso8601_s),
1175 iso8601_msec_fmt, (int) time->ts.tv_nsec / 1000000);
1176
1177 json_add_string(result, fieldname, iso8601_s);
1178 }
1179
1180
json_add_tok(struct json_stream * result,const char * fieldname,const jsmntok_t * tok,const char * buffer)1181 void json_add_tok(struct json_stream *result, const char *fieldname,
1182 const jsmntok_t *tok, const char *buffer)
1183 {
1184 char *space;
1185 assert(tok->type != JSMN_UNDEFINED);
1186
1187 space = json_member_direct(result, fieldname, json_tok_full_len(tok));
1188 memcpy(space, json_tok_full(buffer, tok), json_tok_full_len(tok));
1189 }
1190
json_add_errcode(struct json_stream * result,const char * fieldname,errcode_t code)1191 void json_add_errcode(struct json_stream *result, const char *fieldname,
1192 errcode_t code)
1193 {
1194 json_add_member(result, fieldname, false, "%"PRIerrcode, code);
1195 }
1196
json_add_invstring(struct json_stream * result,const char * invstring)1197 void json_add_invstring(struct json_stream *result, const char *invstring)
1198 {
1199 if (strstarts(invstring, "lni"))
1200 json_add_string(result, "bolt12", invstring);
1201 else
1202 json_add_string(result, "bolt11", invstring);
1203 }
1204