Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Bug in SerializeJSON

DZone's Guide to

Bug in SerializeJSON

· Web Dev Zone ·
Free Resource

Learn how error monitoring with Sentry closes the gap between the product team and your customers. With Sentry, you can focus on what you do best: building and scaling software that makes your users’ lives better.

I've spent the last few hours trying to track down an intermittent bug and it seems to be caused by SerializeJSON on CF9.01 patched with the Cumulative Hotfix 1 (CHF1) for ColdFusion 9.0.1. Here's a quick example:
<cfset foo = {telephone="123456789"}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone="+123456789"}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone=" +123456789"}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone="+123456789 "}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone="+ 123456789"}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone=["+123456789"]}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone=[" +123456789 "]}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

<cfset foo = {telephone=["+123456789 "]}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#IsJson(bar)#">

The output I get when I run the above code returns:


YES NO YES NO YES NO YES NO

Looking a bit closer at the string that SerializeJSON is creating I noticed that ColdFusion treats "+123456789" as a numeric value and therefore does not wrap it in quotes when generating the JSON. To demonstrate here is another bit of test code.

<cfset foo = {telephone1="+123456789",telephone2=" +123456789",telephone3="+123456789 "}>
<cfset bar = SerializeJSON(foo)>
<cfdump var="#bar#">
<cfdump var="#IsJson(bar)#">
<cfdump var="#DeSerializeJSON(bar)#">

When I run this I get:

{"TELEPHONE1":+123456789,"TELEPHONE2":" +123456789","TELEPHONE3":+123456789 } NO

The web site you are accessing has experienced an unexpected error.
Please contact the website administrator. 

Error Occurred While Processing Request

JSON parsing failure at character 15:'+' in {"TELEPHONE1":+123456789,"TELEPHONE2":" +123456789","TELEPHONE3":+123456789 }
 
The error occurred in C:\xampp\htdocs\scratchpad\index.cfm: line 12
10 : <cfdump var="#bar#">
11 : <cfdump var="#IsJson(bar)#">
12 : <cfdump var="#DeSerializeJSON(bar)#">

 

So there you go, looks like a bug to me and I'll be adding it to the bug tracker unless anyone else has already reported it.

Update: I tried removing chf9010001.jar from my lib\updates folder and restarting ColdFusion and everything works as expected, so this bug seems to have been introduced in the HotFix.

What’s the best way to boost the efficiency of your product team and ship with confidence? Check out this ebook to learn how Sentry's real-time error monitoring helps developers stay in their workflow to fix bugs before the user even knows there’s a problem.

Topics:

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}