ArrayIndexOutOfBoundsException for specific invalid content, with Reader-based parser #1169

Closed
cowtowncoder opened this issue Dec 14, 2023 · 0 comments
Labels
2.17 Issues planned (at earliest) for 2.17
@cowtowncoder
Member

(note: found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61198)

Looks like there is a case where, if:

  1. JsonParser configured to accept non-standard leading plus sign (JsonReadFeature.ALLOW_LEADING_PLUS_SIGN_FOR_NUMBERS)
  2. Content is read using character-based parser (ReaderBasedJsonParser)
  3. Some boundary condition is reached (can emulate with 1-char-at-a-time Reader)
  4. Call is made to JsonParser.getNumberType() (or possibly other number accessors)

there's an AIOOBE with stack trace like:

    at com.fasterxml.jackson.core.io.NumberInput.parseInt(NumberInput.java:55)
    at com.fasterxml.jackson.core.util.TextBuffer.contentsAsInt(TextBuffer.java:631)
    at com.fasterxml.jackson.core.base.ParserBase._parseNumericValue(ParserBase.java:891)
    at com.fasterxml.jackson.core.base.ParserBase.getNumberType(ParserBase.java:735)

@cowtowncoder cowtowncoder added the 2.17 Issues planned (at earliest) for 2.17 label Dec 14, 2023
cowtowncoder added a commit that referenced this issue Dec 14, 2023
@cowtowncoder cowtowncoder changed the title ArrayIndexOutOfBoundsException for specific invalid content, with Reader-backed parser ArrayIndexOutOfBoundsException for specific invalid content, with Reader-based parser Dec 14, 2023
cowtowncoder added a commit that referenced this issue Dec 14, 2023
@cowtowncoder cowtowncoder added this to the 2.17.0 milestone Dec 14, 2023
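
A robustness check for the four conditions listed in the issue, added here as an example (it is not code from the issue or from jackson-core): it enables the leading-plus feature, feeds the `Reader`-based parser one char per read, calls `getNumberType()` on every numeric token, and reports any unchecked exception that escapes instead of a checked parse error. The names `LeadingPlusBoundaryCheck`, `OneCharReader` and `probe` are hypothetical, and the input strings are constructed samples, not the OSS-Fuzz input, which the page does not show.

```java
import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.core.JsonToken;
import com.fasterxml.jackson.core.json.JsonReadFeature;
import java.io.FilterReader;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;

public class LeadingPlusBoundaryCheck {
    // Returns at most one char per read() call, emulating the boundary condition (step 3).
    static final class OneCharReader extends FilterReader {
        OneCharReader(Reader in) { super(in); }
        @Override
        public int read(char[] cbuf, int off, int len) throws IOException {
            return super.read(cbuf, off, Math.min(len, 1));
        }
    }

    // Returns null when parsing ends normally or with a checked parse error;
    // returns the unchecked exception when one escapes the parser.
    static RuntimeException probe(JsonFactory f, String doc) {
        try (JsonParser p = f.createParser(new OneCharReader(new StringReader(doc)))) {
            JsonToken t;
            while ((t = p.nextToken()) != null) {
                if (t.isNumeric()) {
                    p.getNumberType(); // step 4: number accessor
                }
            }
            return null;
        } catch (IOException expected) { // JsonParseException is an IOException
            return null;
        } catch (RuntimeException escaped) {
            return escaped;
        }
    }

    public static void main(String[] args) {
        JsonFactory f = JsonFactory.builder()
                .enable(JsonReadFeature.ALLOW_LEADING_PLUS_SIGN_FOR_NUMBERS) // step 1
                .build();
        // Constructed sample inputs: valid and malformed leading-plus numbers.
        String[] constructed = { "+1", "[+12, -3]", "+", "+-1", "[+", "+1e", "+.5" };
        int escapes = 0;
        for (String doc : constructed) {
            RuntimeException e = probe(f, doc);
            if (e != null) {
                escapes++;
                System.out.println("unchecked " + e.getClass().getName() + " for: " + doc);
            }
        }
        System.out.println(escapes == 0 ? "OK: only checked parse errors" : escapes + " unchecked");
    }
}
```

Code that parses untrusted JSON usually catches only `IOException`, so an escaped `ArrayIndexOutOfBoundsException` bypasses that handling; a check of this shape fits in a regression suite run against the jackson-core version in use.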