I agree with the changes made here. I would also propose an additional change as currently the parser can accept malformed input when there is no white space before the closing character, i.e. `[ ... ,] & { ... ,}`
```
diff --git a/dlls/windows.web/json_value.c b/dlls/windows.web/json_value.c
index ce8d073811e..857d3630312 100644
--- a/dlls/windows.web/json_value.c
+++ b/dlls/windows.web/json_value.c
@@ -412,6 +412,11 @@ static HRESULT parse_json_array( struct json_buffer *json, IJsonArray **value )
 hr = json_array_push( array, child );
 IJsonValue_Release( child );
 if (FAILED(hr) || !json_buffer_take( json, L",", TRUE )) break;
+ if (json_buffer_take( json, L"]", TRUE ))
+ {
+ hr = WEB_E_INVALID_JSON_STRING;
+ break;
+ }
 }
 if (FAILED(hr)) IJsonArray_Release( array );
@@ -453,6 +458,11 @@ static HRESULT parse_json_object( struct json_buffer *json, IJsonObject **value
 WindowsDeleteString( key );
 IJsonValue_Release( value );
 if (FAILED(hr) || !json_buffer_take( json, L",", TRUE )) break;
+ if (json_buffer_take( json, L"}", TRUE ))
+ {
+ hr = WEB_E_INVALID_JSON_STRING;
+ break;
+ }
 }
 if (FAILED(hr)) IJsonObject_Release( object );
diff --git a/dlls/windows.web/tests/web.c b/dlls/windows.web/tests/web.c
index 04544ac4192..af41242f750 100644
--- a/dlls/windows.web/tests/web.c
+++ b/dlls/windows.web/tests/web.c
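Review bot: In json_value.c the trailing-comma check added to parse_json_array is repeated verbatim in the parse_json_object hunk, and neither copy says why a closer directly after `,` is an error. A one-line comment above each check, e.g. `/* a ',' must be followed by another element; a closer here is a trailing comma */`, would keep a later cleanup from treating it as redundant. The check also consumes the `]` / `}` through json_buffer_take, which is harmless only because the loop is left with `hr = WEB_E_INVALID_JSON_STRING` immediately afterwards; a small shared static helper could hold both the check and that explanation. Both functions start and end outside the hunks, so how the surrounding loop treats whitespace before the closer cannot be confirmed from here.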
@@ -770,11 +770,18 @@ static void test_JsonValueStatics(void)
 check_json( json_value_statics, json, JsonValueType_String, TRUE );
 json = L"[\"Wine\", \"Linux\"]";
 check_json( json_value_statics, json, JsonValueType_Array, TRUE );
+ json = L"[\"Wine\", \"Linux\",]";
+ check_json( json_value_statics, json, JsonValueType_Array, FALSE );
 json = L"{"
 " \"Wine\": \"The Wine Project\","
 " \"Linux\": [\"Arch\", \"BTW\"]"
 "}";
 check_json( json_value_statics, json, JsonValueType_Object, TRUE );
+ json = L"{"
+ " \"Wine\": \"The Wine Project\","
+ " \"Linux\": [\"Arch\", \"BTW\"],"
+ "}";
+ check_json( json_value_statics, json, JsonValueType_Object, FALSE );
 /* Invalid JSON */
```
-- https://gitlab.winehq.org/wine/wine/-/merge_requests/10457#note_133904
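Review bot: The two cases added to test_JsonValueStatics pin only the form with no whitespace between the comma and the closer (`,]` and `,}`). The parser-side check calls json_buffer_take with `TRUE`, which presumably skips whitespace, so the spaced variant deserves its own case: `json = L"[\"Wine\", \"Linux\", ]";` followed by `check_json( json_value_statics, json, JsonValueType_Array, FALSE );`, plus the object counterpart. That keeps strict rejection of both spellings from regressing independently, which matters when callers rely on malformed input failing to parse. The function continues outside the hunk, so such a case may already exist under `/* Invalid JSON */`.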