Don't skip past \0 when parsing JSON objects.

A better solution might be to use -1 instead 0 to represent EOF everywhere, which of course means changing `char` variables to `int`. The solution here is enough to solve the immediate problem, though. Fixes #758.
2025-08-03 11:25:30 -04:00 · 2023-08-01 13:11:25 -07:00 · 2023-08-01 13:11:25 -07:00 · c8a9e15a57
commit c8a9e15a57
parent 402db6ad84
2 changed files with 14 additions and 1 deletions
--- a/src/main/java/org/json/JSONObject.java
+++ b/src/main/java/org/json/JSONObject.java
@ -253,7 +253,11 @@ public class JSONObject {
            switch (x.nextClean()) {
            case ';':
            case ',':
-                if (x.nextClean() == '}') {
+                c = x.nextClean();
+                if (c == 0) {
+                    throw x.syntaxError("A JSONObject text must end with '}'");
+                }
+                if (c == '}') {
                    return;
                }
                x.back();
--- a/src/test/java/org/json/junit/JSONObjectTest.java
+++ b/src/test/java/org/json/junit/JSONObjectTest.java
@ -2225,6 +2225,15 @@ public class JSONObjectTest {
                    "Expected a ',' or '}' at 15 [character 16 line 1]",
                    e.getMessage());
        }
+        try {
+            // \0 after ,
+            String str = "{\"myKey\":true, \0\"myOtherKey\":false}";
+            assertNull("Expected an exception",new JSONObject(str));
+        } catch (JSONException e) {
+          assertEquals("Expecting an exception message",
+              "A JSONObject text must end with '}' at 15 [character 16 line 1]",
+              e.getMessage());
+        }
        try {
            // append to wrong key
            String str = "{\"myKey\":true, \"myOtherKey\":false}";