diff --git a/CMakeLists.txt b/CMakeLists.txt
index 407d359..dccf998 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -47,6 +47,7 @@ if (ENABLE_CUSTOM_COMPILER_FLAGS)
 -Wmissing-variable-declarations
 -Wused-but-marked-unused
 -Wswitch-enum
+ -Wfloat-equal
 )
 elseif("${CMAKE_C_COMPILER_ID}" STREQUAL "MSVC")
 # Disable warning c4001 - nonstandard extension 'single line comment' was used
diff --git a/Makefile b/Makefile
index cf1f09a..e70f542 100644
--- a/Makefile
+++ b/Makefile
@@ -34,7 +34,7 @@ else
 CFLAGS += -fstack-protector
 endif
-R_CFLAGS = -fPIC -std=c89 -pedantic -Wall -Werror -Wstrict-prototypes -Wwrite-strings -Wshadow -Winit-self -Wcast-align -Wformat=2 -Wmissing-prototypes -Wstrict-overflow=2 -Wcast-qual -Wc++-compat -Wundef -Wswitch-default -Wconversion $(CFLAGS)
+R_CFLAGS = -fPIC -std=c89 -pedantic -Wall -Werror -Wstrict-prototypes -Wwrite-strings -Wshadow -Winit-self -Wcast-align -Wformat=2 -Wmissing-prototypes -Wstrict-overflow=2 -Wcast-qual -Wc++-compat -Wundef -Wswitch-default -Wconversion -Wfloat-equal $(CFLAGS)
 uname := $(shell sh -c 'uname -s 2>/dev/null || echo false')
diff --git a/cJSON.c b/cJSON.c
index 60b72c0..f643073 100644
--- a/cJSON.c
+++ b/cJSON.c
@@ -480,6 +480,12 @@ static void update_offset(printbuffer * const buffer)
 buffer->offset += strlen((const char*)buffer_pointer);
 }
+/* securely comparison of floating-point variables */
+static cJSON_bool compare_double(double a, double b)
+{
+ return (fabs(a - b) <= a * CJSON_DOUBLE_PRECIION);
+}
+
 /* Render the number nicely from the given item into a string. */
 static cJSON_bool print_number(const cJSON * const item, printbuffer * const output_buffer)
 {
@@ -497,7 +503,7 @@ static cJSON_bool print_number(const cJSON * const item, printbuffer * const out
 }
 /* This checks for NaN and Infinity */
- if ((d * 0) != 0)
+ if (!compare_double(d * 0, 0))
 {
 length = sprintf((char*)number_buffer, "null");
 }
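Review bot: `compare_double`, added before `print_number` in cJSON.c, scales its tolerance by the signed value of `a`, so for any negative `a` the bound `a * CJSON_DOUBLE_PRECIION` is negative and two identical negative numbers are reported as unequal; the result also depends on argument order. The same body is added to cJSON_Utils.c, and the callers in `cJSON_Compare`, `compare_json` and `create_patches` inherit it, so number equality in comparison and patch generation becomes sign-dependent. Scale by magnitude instead, e.g. `double scale = (fabs(a) > fabs(b)) ? fabs(a) : fabs(b);` followed by `return (fabs(a - b) <= scale * CJSON_DOUBLE_PRECIION);`. The comment above the helper would read better as `/* compare two doubles for equality within a relative tolerance */`.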
@@ -507,7 +513,7 @@ static cJSON_bool print_number(const cJSON * const item, printbuffer * const out
 length = sprintf((char*)number_buffer, "%1.15g", d);
 /* Check whether the original double can be recovered */
- if ((sscanf((char*)number_buffer, "%lg", &test) != 1) || ((double)test != d))
+ if ((sscanf((char*)number_buffer, "%lg", &test) != 1) || !compare_double((double)test, d))
 {
 /* If not, print with 17 decimal places of precision */
 length = sprintf((char*)number_buffer, "%1.17g", d);
@@ -2876,7 +2882,7 @@ CJSON_PUBLIC(cJSON_bool) cJSON_Compare(const cJSON * const a, const cJSON * cons
 return true;
 case cJSON_Number:
- if (a->valuedouble == b->valuedouble)
+ if (compare_double(a->valuedouble, b->valuedouble))
 {
 return true;
 }
diff --git a/cJSON.h b/cJSON.h
index 592986b..ef701a2 100644
--- a/cJSON.h
+++ b/cJSON.h
@@ -137,6 +137,11 @@ typedef int cJSON_bool;
 #define CJSON_NESTING_LIMIT 1000
 #endif
+/* Precision of double variables comparison */
+#ifndef CJSON_DOUBLE_PRECIION
+#define CJSON_DOUBLE_PRECIION .00001
+#endif
+
 /* returns the version of cJSON as a string */
 CJSON_PUBLIC(const char*) cJSON_Version(void);
diff --git a/cJSON_Utils.c b/cJSON_Utils.c
index 7df4db2..43e2630 100644
--- a/cJSON_Utils.c
+++ b/cJSON_Utils.c
@@ -39,6 +39,7 @@
 #include
 #include
 #include
+#include
 #if defined(_MSC_VER)
 #pragma warning (pop)
@@ -105,6 +106,13 @@ static int compare_strings(const unsigned char *string1, const unsigned char *st
 return tolower(*string1) - tolower(*string2);
 }
+/* securely comparison of floating-point variables */
+static cJSON_bool compare_double(double a, double b)
+{
+ return (fabs(a - b) <= a * CJSON_DOUBLE_PRECIION);
+}
+
+
 /* Compare the next path element of two JSON pointers, two NULL pointers are considered unequal: */
 static cJSON_bool compare_pointers(const unsigned char *name, const unsigned char *pointer, const cJSON_bool case_sensitive)
 {
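Review bot: The round-trip check in `print_number` (`!compare_double((double)test, d)`) no longer tests whether the 15-digit text recovers `d`. With a relative tolerance of `.00001`, any positive value printed with `%1.15g` passes, so the `%1.17g` fallback stops running for positive numbers and serialized doubles can lose their low-order bits; given the signed scaling in `compare_double`, negative values always take the 17-digit path instead. This site needs a bound near machine precision rather than the comparison tolerance, for example `fabs(test - d) <= fabs(d) * DBL_EPSILON` with `DBL_EPSILON` from `<float.h>`. The body of `print_number` continues outside the hunk.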
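Review bot: The new public macro in cJSON.h is spelled `CJSON_DOUBLE_PRECIION` (missing `S`), and because it sits behind `#ifndef` it becomes a name users override at build time; rename it to `CJSON_DOUBLE_PRECISION` before it ships, here and in both `compare_double` copies. The default `.00001` also changes what `cJSON_Compare` means: numbers that agree to about five significant digits now compare equal, which matters to any caller that relies on the comparison to detect changed or tampered data. The comment should say so, e.g. `/* Relative tolerance for double equality; values within this fraction of each other compare equal */`.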
@@ -595,7 +603,7 @@ static cJSON_bool compare_json(cJSON *a, cJSON *b, const cJSON_bool case_sensiti
 {
 case cJSON_Number:
 /* numeric mismatch. */
- if ((a->valueint != b->valueint) || (a->valuedouble != b->valuedouble))
+ if ((a->valueint != b->valueint) || (!compare_double(a->valuedouble, b->valuedouble)))
 {
 return false;
 }
@@ -1135,7 +1143,7 @@ static void create_patches(cJSON * const patches, const unsigned char * const pa
 switch (from->type & 0xFF)
 {
 case cJSON_Number:
- if ((from->valueint != to->valueint) || (from->valuedouble != to->valuedouble))
+ if ((from->valueint != to->valueint) || (compare_double(from->valuedouble, to->valuedouble)))
 {
 compose_patch(patches, (const unsigned char*)"replace", path, NULL, to);
 }
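Review bot: The condition in `create_patches` lost its negation: the old test was `from->valuedouble != to->valuedouble`, but the new one calls `compare_double(...)` without `!`. When `valueint` is equal on both sides, a `replace` patch is therefore emitted if the two doubles match and skipped if they differ, so generated patches can miss real changes. It should mirror the `compare_json` hunk above: `if ((from->valueint != to->valueint) || !compare_double(from->valuedouble, to->valuedouble))`. The enclosing switch continues outside the hunk.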