Skip to content

ref: added functionality to escapeJSONstrings (ref: #5251) #5508

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 16 commits into from
Mar 3, 2025
Merged

ref: added functionality to escapeJSONstrings (ref: #5251) #5508

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
7eb3f6f
ref: added functionality to escapeJSONstrings (ref: #5251)
DarkLord017 Feb 14, 2025
c30dc42
Apply suggestions from code review
DarkLord017 Feb 14, 2025
159822e
added size to increase while looping in memory (ref: #5251)
DarkLord017 Feb 16, 2025
7ed23f6
Merge branch 'master' into escape_functionality
DarkLord017 Feb 16, 2025
59ec335
Improve code, add tests and fix lint
Amxx Feb 18, 2025
77bb93b
add changeset
Amxx Feb 18, 2025
38601d2
Update contracts/utils/Strings.sol
Amxx Feb 19, 2025
5bfb4cf
Merge branch 'OpenZeppelin:master' into escape_functionality
DarkLord017 Feb 20, 2025
c7ab6c0
Fixed linter issue and removed escaping of forward slashes (ref: #5251)
DarkLord017 Feb 20, 2025
9102cc1
Merge branch 'master' into escape_functionality
Amxx Feb 24, 2025
74c3d8f
minimize changes
Amxx Feb 24, 2025
17186f7
more readable with solhint disable
Amxx Feb 24, 2025
7ffa24f
Update test/utils/Strings.test.js
Amxx Feb 24, 2025
ec41401
add warning
arr00 Mar 1, 2025
dba25a2
address PR comments
Amxx Mar 3, 2025
d18d78d
Merge branch 'escape_functionality' of https://github.com/DarkLord017…
Amxx Mar 3, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changeset/nice-cherries-reply.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'openzeppelin-solidity': minor
---

`Strings`: Add `espaceJSON` that escapes special characters in JSON strings.
45 changes: 45 additions & 0 deletions contracts/utils/Strings.sol
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,14 @@ library Strings {

bytes16 private constant HEX_DIGITS = "0123456789abcdef";
uint8 private constant ADDRESS_LENGTH = 20;
uint256 private constant SPECIAL_CHARS_LOOKUP =
(1 << 0x08) | // backspace
(1 << 0x09) | // tab
(1 << 0x0a) | // newline
(1 << 0x0c) | // form feed
(1 << 0x0d) | // carriage return
(1 << 0x22) | // double quote
(1 << 0x5c); // backslash

/**
* @dev The `value` string doesn't fit in the specified `length`.
Expand Down Expand Up @@ -426,6 +434,43 @@ library Strings {
return value;
}

/**
* @dev Escape special characters in JSON strings. This can be useful to prevent JSON injection in NFT metadata.
*
* WARNING: This function should only be used in double quoted JSON strings. Single quotes are not escaped.
*/
function escapeJSON(string memory input) internal pure returns (string memory) {
bytes memory buffer = bytes(input);
bytes memory output = new bytes(2 * buffer.length); // worst case scenario
uint256 outputLength = 0;

for (uint256 i; i < buffer.length; ++i) {
bytes1 char = bytes1(_unsafeReadBytesOffset(buffer, i));
if (((SPECIAL_CHARS_LOOKUP & (1 << uint8(char))) != 0)) {
output[outputLength++] = "\\";
if (char == 0x08) output[outputLength++] = "b";
else if (char == 0x09) output[outputLength++] = "t";
else if (char == 0x0a) output[outputLength++] = "n";
else if (char == 0x0c) output[outputLength++] = "f";
else if (char == 0x0d) output[outputLength++] = "r";
else if (char == 0x5c) output[outputLength++] = "\\";
else if (char == 0x22) {
// solhint-disable-next-line quotes
output[outputLength++] = '"';
}
} else {
output[outputLength++] = char;
}
}
// write the actual length and deallocate unused memory
assembly ("memory-safe") {
mstore(output, outputLength)
mstore(0x40, add(output, shl(5, shr(5, add(outputLength, 63)))))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same here (audit will report consistency)

Suggested change
mstore(0x40, add(output, shl(5, shr(5, add(outputLength, 63)))))
mstore(64, add(output, shl(5, shr(5, add(outputLength, 63)))))

}

return string(output);
}

/**
* @dev Reads a bytes32 from a bytes array without bounds checking.
*
Expand Down
7 changes: 7 additions & 0 deletions test/utils/Strings.test.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -339,4 +339,11 @@ describe('Strings', function () {
}
});
});

describe('Escape JSON string', function () {
for (const input of ['', 'a', '{"a":"b/c"}', 'a\tb\nc\\d"e\rf/g\fh\bi'])
it(`escape ${JSON.stringify(input)}`, async function () {
await expect(this.mock.$escapeJSON(input)).to.eventually.equal(JSON.stringify(input).slice(1, -1));
});
});
});
Loading