johnzon-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Struberg (JIRA)" <j...@apache.org>
Subject [jira] [Assigned] (JOHNZON-216) JsonStreamParserImpl.readString throws ArrayIndexOutOfBoundsException when dealing with string that contains escape characters
Date Tue, 25 Jun 2019 15:00:05 GMT

     [ https://issues.apache.org/jira/browse/JOHNZON-216?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Mark Struberg reassigned JOHNZON-216:
-------------------------------------

    Assignee: Mark Struberg

> JsonStreamParserImpl.readString throws ArrayIndexOutOfBoundsException when dealing with
string that contains escape characters
> ------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: JOHNZON-216
>                 URL: https://issues.apache.org/jira/browse/JOHNZON-216
>             Project: Johnzon
>          Issue Type: Bug
>    Affects Versions: 1.1.12
>            Reporter: Kean Erickson
>            Assignee: Mark Struberg
>            Priority: Minor
>         Attachments: bad.json
>
>
> There seems to be a bug within the JsonStreamParserImpl that is allowed in part by how
it is configured within TomEE. Currently TomEE configures it with a maximum string length
limit of 8192 bytes by default. It seems that escape characters (with backslash) do not properly
count towards the total length when the string is validated, so it escapes validation. 
> To replicate, put the attached file "bad.json" in your user directory and run this.
> {code:java}
> @Test
> public void parseEscapeCharacters() throws IOException  {
>    File bad = new File(System.getProperty("user.dir")+"/bad.json");
>    byte[] badbytes = Files.readAllBytes(bad.toPath());
>    String test =  new String(badbytes, StandardCharsets.UTF_8);
>    int len = 8192;
>    BufferStrategy.BufferProvider<char[]> bs = BufferStrategy.QUEUE.newCharProvider(len);
>    InputStream stream = new ByteArrayInputStream(test.getBytes(StandardCharsets.UTF_8));
>    JsonStreamParserImpl impl = new JsonStreamParserImpl(stream, len, bs, bs, false);
>    while (impl.hasNext())
>       impl.next();
> }
> {code}
> Results in 
> {code:java}
> java.lang.ArrayIndexOutOfBoundsException: 8192
> at org.apache.johnzon.core.JsonStreamParserImpl.appendToCopyBuffer(JsonStreamParserImpl.java:158)
> at org.apache.johnzon.core.JsonStreamParserImpl.readString(JsonStreamParserImpl.java:592)
> at org.apache.johnzon.core.JsonStreamParserImpl.handleQuote(JsonStreamParserImpl.java:695)
> at org.apache.johnzon.core.JsonStreamParserImpl.next(JsonStreamParserImpl.java:440)
> at org.apache.johnzon.core.JsonStreamParserImpl.next(JsonStreamParserImpl.java:400)
> at zzz.parseEscapeCharacters(zzz.java:818){code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message