SafeJSON.JSONParse mangles number inside of string literal

Question

SafeJSON.JSONParse mangles number inside of string literal

Closed this issue 7 months ago · 2 comments

We hit this bug while trying to use WalletConnect with Dodo.

Test case:

it("should handle number inside string literal", () => {
  const nested = '{"params":{"proposer":{"metadata":{"description":"Trade Any Token on DODOEX. Swap ETH to WETH at 0.99852536006139370845107244063040676283327993685155310925333096461126073315184832, 0xEeeeeEeeeEeEeeEeEeEeeEEEeeeeEeeeeeeeEEeE, 0x82aF49447D8a07e3bd95BD0d56f35241523fBab1"}}}}';
  const result = safeJsonParse(nested);
  chai.expect(result).to.deep.eq(JSON.parse(nested));
});

The problem is that safe-json uses a regex to parse big numbers, but this regex does not respect the structure of JSON objects.

It would also be good if the library didn't swallow the error as this causes problems higher-up which are difficult to diagnose.

Answer 1 · 2023-11-06T22:49:24.000Z

More minimal test case:

it("should handle number inside string literal", () => {
  const nested = '{"x":"12345678901234567,"}';
  const result = safeJsonParse(nested);
  chai.expect(result).to.deep.eq(JSON.parse(nested));
});

Answer 2 · 2023-11-20T05:50:00.000Z

Welcome to submit a pull request with an improvement - will flag this to the team