0

Came across a recent issue where user submitted string value 'null' is being stored into the data base as '"null"'. Basically double quotes are being added at the start and end of the String.

Investigation revealed that JSON-lib doesn't seem to handle the 'null' string value correctly. This is exhibited by the following test methods.

@Test
public void shouldHandleNullStringInJsonFormattedString() {
    String jsonTest = "[\"null\",\"aValue\"]";
    assertTrue(jsonTest.contains("\"null\""));
    assertFalse(jsonTest.contains("\"\\\"null\\\"\""));
    String convertedBack = JSONSerializer.toJSON(jsonTest).toString();
    // fails at below line
    assertFalse(convertedBack.contains("\"\\\"null\\\"\""));
}

@Test
public void shouldHandleNullStringLiteral() {
    JSONArray jsonArray1 = JSONArray.fromObject(Arrays.asList(null,"b"));
    JSONArray jsonArray2 = JSONArray.fromObject(Arrays.asList(JSONNull.getInstance(),"b"));
    JSONArray jsonArray3 = JSONArray.fromObject(Arrays.asList("null","b"));
    assertEquals("[null,\"b\"]", jsonArray1.toString());
    assertEquals("[null,\"b\"]", jsonArray2.toString());
    //fails at below line
    assertEquals("[\"null\",\"b\"]", jsonArray3.toString());
}

basically when browser sends ["null", "aValue"] to server, JSON-lib changes it to ["\"null\"", "aValue"]. Also from the server side we are unable to construct a JSON formatted String like ["null", "b"] using JSONArray. JSON-lib does not seem to handle these two basic scenarios properly.

Have emailed to the mailing list and contact email addressed on their site but no response yet. It seems like someone has previously posted about this issue on

http://sourceforge.net/p/json-lib/discussion/587134/thread/faf83e9a/

But no response for that either.

Any body has any suggestions/fixes for this issue ?

We are using the latest version of json-lib i.e 2.4

Update

Looking at the source code of json lib net.sf.json.util.JSONUtils.mayBeJSON method is a bit weird.

public static boolean mayBeJSON( String string ) {
      return string != null
            && ("null".equals( string )
                  || (string.startsWith( "[" ) && string.endsWith( "]" )) || (string.startsWith( "{" ) && string.endsWith( "}" )));
   }

Seems like any literal String value of 'null' is considered JSON ??

Code Weird
  • 1
  • 1

1 Answers1

0

Any body has any suggestions/fixes for this issue ?

My suggestion would be to download and build the latest version from github ( project " aalmiray / Json-lib" ). Try the "master" branch first, then the "development" branch, and finally look at the various forks that exist.

If that doesn't give you an answer, create your own fork and develop a fix for yourself ... then send a pull request to get it incorporated.

Plan B would be to look for an alternative to json-lib where issues are fixed more rapidly. The owners of this project seem to be taking forever to deal with issues and act on merge requests.

Stephen C
  • 698,415
  • 94
  • 811
  • 1,216
  • Yea ... but the "development" branch is ahead of 2.4 ... and there are various unmerged pull requests as well. – Stephen C Oct 17 '13 at 11:13
  • Don't want to rely on a non-released version of the source code and inherit another set of bugs... also I don't see any update on JSONUtils.mayBeJson method on any branch (i might be mistaken and the issue might be elsewhere..) – Code Weird Oct 17 '13 at 11:24
  • So point-fix the bug yourself ... so you are only relying on *your* bugs :-) – Stephen C Oct 17 '13 at 17:12