Separate handling for pos/neg exp and improve pos exp overflow

Tencent · Apr 24, 2015 · 735354e · 735354e
1 parent 93d13ad
commit 735354e
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 8 deletions.
diff --git a/include/rapidjson/reader.h b/include/rapidjson/reader.h
@@ -925,14 +925,21 @@ class GenericReader {
 
             if (s.Peek() >= '0' && s.Peek() <= '9') {
                 exp = s.Take() - '0';
-                while (s.Peek() >= '0' && s.Peek() <= '9') {
-                    exp = exp * 10 + (s.Take() - '0');
-                    if (exp > 308 && !expMinus) // exp > 308 should be rare, so it should be checked first.
-                        RAPIDJSON_PARSE_ERROR(kParseErrorNumberTooBig, s.Tell());
-                    else if (exp >= 429496729 && expMinus) {        // Issue #313: prevent overflow exponent
-                        while (s.Peek() >= '0' && s.Peek() <= '9')  // Consume the rest of exponent
-                            s.Take();
-                        break;
+                if (expMinus) {
+                    while (s.Peek() >= '0' && s.Peek() <= '9') {
+                        exp = exp * 10 + (s.Take() - '0');
+                        if (exp >= 429496729) {                     // Issue #313: prevent overflow exponent
+                            while (s.Peek() >= '0' && s.Peek() <= '9')  // Consume the rest of exponent
+                                s.Take();
+                        }
+                    }
+                }
+                else {  // positive exp
+                    int maxExp = 308 - expFrac;
+                    while (s.Peek() >= '0' && s.Peek() <= '9') {
+                        exp = exp * 10 + (s.Take() - '0');
+                        if (exp > maxExp)
+                            RAPIDJSON_PARSE_ERROR(kParseErrorNumberTooBig, s.Tell());
                     }
                 }
             }

diff --git a/test/unittest/readertest.cpp b/test/unittest/readertest.cpp
@@ -229,6 +229,7 @@ static void TestParseDouble() {
     TEST_DOUBLE(fullPrecision, "1e-00011111111111", 0.0);                           // Issue #313
     TEST_DOUBLE(fullPrecision, "-1e-00011111111111", -0.0);
     TEST_DOUBLE(fullPrecision, "1e-429496729", 0.0);                                // Maximum supported negative exponent
+    TEST_DOUBLE(fullPrecision, "0.017976931348623157e+310", 1.7976931348623157e+308); // Max double in another form
 
 
     // Since