iop-json/parsers: Make parsers strict again about invalid \x and \u seqs

This is a revert of 838013bdf162 and 5d0f7222d1b704.

These patches were made after 487bf9ec11bfcc1 to not make the parsers
stricter on a stable branch, at the risk of breaking something on prod
platforms.

But we ultimately want to be strict, so let's do this on 2026 major
release before it is released.

Change-Id: I0a00abb6bb705482638b2b19d9e3f10e42e9d46e
Priv-Id: 8c93d1ce544ee89517ea8c2e6be9f273a4d20657

Author: LpZ-squall

src/core/parsing-helpers.c

@@ -102,18 +102,18 @@ parse_backslash(pstream_t *ps, sb_t *buf, int *line, int *col)
         }
         break;
       case 'x':
-        if (ps_has(ps, 4) && (a = hexdecode(ps->s + 2)) >= 0) {
-            sb_addc(buf, a);
+        if (ps_has(ps, 4)) {
+            sb_addc(buf, PS_CHECK(hexdecode(ps->s + 2)));
             SKIP(4);
             return 0;
         }
         break;
       case 'u': {
-        if (ps_has(ps, 6) && (a = hexdecode(ps->s + 2)) >= 0
-            && (b = hexdecode(ps->s + 4)) >= 0)
-        {
+        if (ps_has(ps, 6)) {
             int codepoint, skip_len;
 
+            a = PS_CHECK(hexdecode(ps->s + 2));
+            b = PS_CHECK(hexdecode(ps->s + 4));
             codepoint = (a << 8) | b;
 
             /* Handle Unicode character (BMP or surrogate pair) */

src/iop/json.blk

@@ -639,15 +639,15 @@ static int iop_json_lex_char(iop_json_lex_t *ll, int terminator)
             }
             break;
           case HEXADECIMAL:
-            if (HAS(4) && (a = hexdecode(PS->s + 2)) >= 0) {
+            if (HAS(4) && (a = PS_CHECK(hexdecode(PS->s + 2))) >= 0) {
                 ll->ctx->u.i = a;
                 SKIP(2);
             }
             break;
           case UNICODE:
             if (HAS(6)
-            &&  (a = hexdecode(PS->s + 2)) >= 0
-            &&  (b = hexdecode(PS->s + 4)) >= 0)
+            &&  (a = PS_CHECK(hexdecode(PS->s + 2))) >= 0
+            &&  (b = PS_CHECK(hexdecode(PS->s + 4))) >= 0)
             {
                 int codepoint = (a << 8) | b;
 

tests/zchk-iop.c

@@ -3120,41 +3120,6 @@ Z_GROUP_EXPORT(iop)
 
     } Z_TEST_END
     /* }}} */
-    Z_TEST(json_invalid_hex_escape, "test JSON with invalid \\x escapes") {
-        /* {{{ */
-        t_scope;
-        const iop_struct_t *st_string = &tstiop__string_test__s;
-
-        /* Invalid hex escape sequences after \x should be kept literally
-         * instead of causing a parse error.
-         * Regression test for a bug where PS_CHECK(hexdecode()) would
-         * propagate the error instead of falling through to the default
-         * literal copy. */
-        {
-            struct {
-                const char *json_input;
-                const char *expected_string;
-                const char *test_name;
-            } tests[] = {
-                {"\"\\x\\y\"", "\\x\\y", "two invalid hex escapes"},
-                {"\"\\xZZ\"", "\\xZZ", "invalid hex digits"},
-                {"\"\\x\"", "\\x", "truncated hex escape"},
-            };
-
-            carray_for_each_ptr(t, tests) {
-                tstiop__string_test__t string_test;
-                const char *json_buf;
-
-                json_buf = t_fmt("{\"testString\": %s}", t->json_input);
-                string_test.test_string = LSTR(t->expected_string);
-
-                Z_HELPER_RUN(iop_json_test_json(st_string, json_buf,
-                                                &string_test,
-                                                t->test_name));
-            }
-        }
-    } Z_TEST_END
-    /* }}} */
     Z_TEST(json_big_integer, "test JSON packing with big integers") { /* {{{ */
         SB_1k(sb);
         tstiop__my_struct_n__t sn = {