From bd808e4bc23b9b16473eba772a79e23c02b7e85c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?poljar=20=28Damir=20Jeli=C4=87=29?= Date: Tue, 20 Feb 2018 13:23:19 +0100 Subject: [PATCH] Don't use the object hook functionality of the json module. The json module runs the object hook for every json object contained in the json string. This could lead to unexpected object creation if the string contains more than a single object. --- matrix/api.py | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/matrix/api.py b/matrix/api.py index 33b50ce..4bc5c77 100644 --- a/matrix/api.py +++ b/matrix/api.py @@ -249,16 +249,16 @@ class MatrixMessage(): def _decode(self, server, object_hook): try: - event = json.loads( + parsed_dict = json.loads( self.response.body, encoding='utf-8', - object_hook=object_hook ) - self.event = event + + self.event = object_hook(parsed_dict) return (True, None) - except json.decoder.JSONDecodeError as error: + except JSONDecodeError as error: return (False, error) @@ -422,21 +422,12 @@ class MatrixBacklogMessage(MatrixMessage): ) def decode_body(self, server): - try: - parsed_dict = json.loads( - self.response.body, - encoding='utf-8', - ) - self.event = MatrixEvents.MatrixBacklogEvent.from_dict( - server, - self.room_id, - parsed_dict - ) + object_hook = partial( + MatrixEvents.MatrixBacklogEvent.from_dict, + server, + self.room_id) - return (True, None) - - except json.decoder.JSONDecodeError as error: - return (False, error) + return self._decode(server, object_hook) class MatrixJoinMessage(MatrixMessage):