Skip to content

Commit

Permalink
Do not try to convert a very large string into number fix #9095 (#9115)
Browse files Browse the repository at this point in the history
  • Loading branch information
andrewtelnov authored Nov 28, 2024
1 parent 79339bb commit b3718af
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 1 deletion.
11 changes: 10 additions & 1 deletion packages/survey-core/src/helpers.ts
Original file line number Diff line number Diff line change
Expand Up @@ -215,11 +215,13 @@ export class Helpers {
}
private static getNumberCore(value: any): number {
if (typeof value == "string") {
if(!value.trim()) return NaN;
value = value.trim();
if(!value) return NaN;
if(value.indexOf("0x") == 0) {
if(value.length > 32) return NaN;
return parseInt(value);
}
if(value.length > 15 && Helpers.isDigitsOnly(value)) return NaN;
if(Helpers.isStringHasOperator(value)) return NaN;
}
value = this.prepareStringToNumber(value);
Expand Down Expand Up @@ -320,6 +322,13 @@ export class Helpers {
public static isCharDigit(ch: string): boolean {
return ch >= "0" && ch <= "9";
}
public static isDigitsOnly(str: string): boolean {
if(!str) return false;
for(let i = 0; i < str.length; i ++) {
if(!Helpers.isCharDigit(str[i])) return false;
}
return true;
}
private static getNumberFromStr(str: string, index: number): number {
if(!this.isCharDigit(str[index])) return NaN;
let nStr = "";
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1683,3 +1683,10 @@ QUnit.test("ExpressionRunner: apply custom converter, #8634", function(assert) {

settings.parseNumber = oldCallback;
});
QUnit.test("ExpressionRunner: do not convert to number extreme large strings", function(assert) {
const runner = new ExpressionRunner("{a} + 2");
const values: any = { a: "999999999999999" };
assert.strictEqual(runner.run(values), 1000000000000001, "it is a number");
values.a = "9999999999999999";
assert.strictEqual(runner.run(values), "99999999999999992", "it is a string");
});

0 comments on commit b3718af

Please sign in to comment.