From 77cbf1700f5492f449f459fa19a40f88e494e93f Mon Sep 17 00:00:00 2001
From: John Doty <john@d0ty.me>
Date: Mon, 12 Aug 2024 09:41:22 -0700
Subject: [PATCH] Check for unterminated strings properly

Also, public to enable fuzzing. This was the first catch!
---
 src/lib.rs                   |  2 +-
 src/server/mod.rs            |  2 +-
 src/server/refresh.rs        |  2 +-
 src/server/refresh/docker.rs | 10 ++++++++--
 4 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/lib.rs b/src/lib.rs
index 6920aa0..d90a75e 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,7 +1,7 @@
 mod client;
 mod message;
 mod reverse;
-mod server;
+pub mod server;
 
 pub const VERSION: &str = env!("CARGO_PKG_VERSION");
 pub const REV: &str = env!("REPO_REV");
diff --git a/src/server/mod.rs b/src/server/mod.rs
index 101cbc4..db56ce2 100644
--- a/src/server/mod.rs
+++ b/src/server/mod.rs
@@ -5,7 +5,7 @@ use log::{error, warn};
 use tokio::io::{AsyncRead, AsyncWrite, AsyncWriteExt, BufReader, BufWriter};
 use tokio::sync::mpsc;
 
-mod refresh;
+pub mod refresh;
 
 // We drive writes through an mpsc queue, because we not only handle requests
 // and responses from the client (refresh ports and the like) but also need
diff --git a/src/server/refresh.rs b/src/server/refresh.rs
index fb1a6b7..a1a3d05 100644
--- a/src/server/refresh.rs
+++ b/src/server/refresh.rs
@@ -10,7 +10,7 @@ use crate::message::PortDesc;
 mod procfs;
 
 #[cfg(unix)]
-mod docker;
+pub mod docker;
 
 pub async fn get_entries(_send_anonymous: bool) -> Result<Vec<PortDesc>> {
     #[cfg_attr(not(target_os = "linux"), allow(unused_mut))]
diff --git a/src/server/refresh/docker.rs b/src/server/refresh/docker.rs
index a8a55fe..fbce5c1 100644
--- a/src/server/refresh/docker.rs
+++ b/src/server/refresh/docker.rs
@@ -77,7 +77,7 @@ async fn list_containers() -> Result<Vec<u8>> {
 }
 
 #[derive(Debug, PartialEq)]
-enum JsonValue {
+pub enum JsonValue {
     Null,
     True,
     False,
@@ -207,7 +207,7 @@ impl JsonValue {
                         }
                         i += 1;
                     }
-                    if i == blob.len() {
+                    if i >= blob.len() {
                         bail!("Unterminated string at {i}");
                     }
                     assert_eq!(blob[i], b'"');
@@ -874,4 +874,10 @@ mod test {
         ]);
         assert_eq!(result, expected);
     }
+
+    #[test]
+    pub fn json_decode_unterminated_string_with_escape() {
+        let input = b"\"\\";
+        let _ = JsonValue::parse(input);
+    }
 }