From c4be790c0e20bfa4def3103392f404de201b3487 Mon Sep 17 00:00:00 2001
From: Erik Dubbelboer
Date: Wed, 15 Jul 2015 16:12:05 +0200
Subject: encoding/json: check if Number is valid

json.Number is a special case which didn't have any checks and could result in invalid JSON.

Fixes #10281

Change-Id: Ie3e726e4d6bf6a6aba535d36f6107013ceac913a
Reviewed-on: https://go-review.googlesource.com/12250
Reviewed-by: Russ Cox
---
 src/encoding/json/encode.go | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'src/encoding/json/encode.go')
diff --git a/src/encoding/json/encode.go b/src/encoding/json/encode.go
index 6af2fabeb4..364e2724b7 100644
--- a/src/encoding/json/encode.go
+++ b/src/encoding/json/encode.go
@@ -14,6 +14,7 @@ import (
 "bytes"
 "encoding"
 "encoding/base64"
+ "fmt"
 "math"
 "reflect"
 "runtime"
@@ -529,8 +530,12 @@ var (
 func stringEncoder(e *encodeState, v reflect.Value, quoted bool) {
 if v.Type() == numberType {
 numStr := v.String()
+ // In Go1.5 the empty string encodes to "0", while this is not a valid number literal
+ // we keep compatibility so check validity after this.
 if numStr == "" {
 numStr = "0" // Number's zero-val
+ } else if !Number(numStr).IsValid() {
+ e.error(fmt.Errorf("json: invalid number literal, trying to marshal %s", v.String()))
 }
 e.WriteString(numStr)
 return
-- cgit v1.3
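Review bot: The new error in stringEncoder formats the rejected value with `%s`, so a Number containing quotes, newlines or other control characters is copied verbatim into the error text and into any log that records it. Using `%q` keeps the message on one line and unambiguous, and reusing `numStr` avoids the second `v.String()` call: `e.error(fmt.Errorf("json: invalid number literal, trying to marshal %q", numStr))`. `Number.IsValid` is defined outside this file view, so it cannot be confirmed here that it accepts only the JSON number grammar rather than everything a float parser takes (for example `NaN` or `Inf`); a marshal-path test with such values would pin that down. The body of stringEncoder continues past the end of the hunk.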