SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 05:40:11 +01:00
Code Issues Releases Activity Actions

Make json parsing more strict
Some checks are pending
Go / build (push) Waiting to run
Details
Go / run_modver (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
koplas 2025-07-02 17:06:25 +02:00
parent c833c00f84
commit fc3837d655
No known key found for this signature in database
13 changed files with 68 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

34
internal/misc/json.go Normal file
View file

@ -0,0 +1,34 @@
// This file is Free Software under the Apache-2.0 License
// without warranty, see README.md and LICENSES/Apache-2.0.txt for details.
//
// SPDX-License-Identifier: Apache-2.0
//
// SPDX-FileCopyrightText: 2023 German Federal Office for Information Security (BSI) <https://www.bsi.bund.de>
// Software-Engineering: 2023 Intevation GmbH <https://intevation.de>
package misc
import (
"encoding/json"
"fmt"
"io"
)
// StrictJSONParse provides JSON parsing with stronger validation.
func StrictJSONParse(jsonData io.Reader, target interface{}) error {
decoder := json.NewDecoder(jsonData)
decoder.DisallowUnknownFields()
err := decoder.Decode(target)
if err != nil {
return fmt.Errorf("strictJSONParse: %w", err)
}
token, err := decoder.Token()
if err != io.EOF {
return fmt.Errorf("strictJSONParse: unexpected trailing data after JSON: token: %v, err: %v", token, err)
}
return nil
}