This repository has been archived by the owner on Jan 22, 2019. It is now read-only.

Bug in boundary checking in the CBORParser #13

Merged
merged 1 commit into from
Aug 19, 2015
Expand Up @@ -2265,11 +2265,11 @@ private final String _findDecodedFromSymbols(final int len) throws IOException
int inPtr = _inputPtr;
final byte[] inBuf = _inputBuffer;
int q = inBuf[inPtr] & 0xFF;
if (len > 0) {
if (len > 1) {
q = (q << 8) + (inBuf[++inPtr] & 0xFF);
if (len > 1) {
if (len > 2) {
q = (q << 8) + (inBuf[++inPtr] & 0xFF);
if (len > 2) {
if (len > 3) {
q = (q << 8) + (inBuf[++inPtr] & 0xFF);
}
}
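Review bot: The first read, `int q = inBuf[inPtr] & 0xFF;`, is still unconditional, so this lookup relies on the caller having buffered at least one byte, and `len` bytes in total, before `_findDecodedFromSymbols` runs. Nothing in the hunk shows that guarantee, and the function begins and ends outside it, so the precondition should be checked against the call site. Because this parser handles untrusted CBOR, a read past the loaded data would either throw an unchecked exception or, if the buffer is longer than the valid input, presumably fold a stale byte into the symbol lookup. I would record the contract next to the read, for example `// precondition: caller has ensured 'len' (1..4) bytes are available from _inputPtr; reads exactly 'len' bytes`.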
@@ -0,0 +1,54 @@
package com.fasterxml.jackson.dataformat.cbor;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.junit.Test;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.SequenceInputStream;

public class ParserInputStreamTest extends CBORTestBase {

@Test
public void testInpuStream() throws Exception {
CBORFactory f = new CBORFactory();
ObjectMapper cborMapper = new ObjectMapper(new CBORFactory());
byte[] buffer = generateHugeCBOR(f);

// split the buffer in two smaller buffer
int len = 160;
byte[] buf1 = new byte[len];
byte[] buf2 = new byte[buffer.length - len];
System.arraycopy(buffer, 0, buf1, 0, len);
System.arraycopy(buffer, len, buf2, 0, buffer.length - len);

// aggregate the two buffers via a SequenceInputStream
ByteArrayInputStream in1 = new ByteArrayInputStream(buf1);
ByteArrayInputStream in2 = new ByteArrayInputStream(buf2);
SequenceInputStream inputStream = new SequenceInputStream(in1, in2);

try {
JsonNode jsonNode = cborMapper.readTree(inputStream);
}
catch (ArrayIndexOutOfBoundsException ex){
ex.printStackTrace();
fail("Shouldn't throw an ArrayIndexOutOfBoundsException while parsing!");
}
}

private byte[] generateHugeCBOR(CBORFactory f) throws IOException {
String hugeJson = "{";
for (char c='a'; c <= 'z'; c++) {
for (char cc='a'; cc <= 'z'; cc++) {
hugeJson += "\"" + c + cc + "\":0,";
}
for (int i = 0; i < 50; i++) {
hugeJson += "\"" + c + i + "\":" + i + ",";
}
}
hugeJson += "\"name\":123";
hugeJson += "}";
return cborDoc(f, hugeJson);
}
}
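Review bot: `testInpuStream` discards the parsed `jsonNode` and only fails on `ArrayIndexOutOfBoundsException`, so it would still pass if a boundary over-read decoded a wrong field name without throwing. Since the method already declares `throws Exception`, the try/catch can go and the result can be asserted directly, e.g. `JsonNode jsonNode = cborMapper.readTree(inputStream);` followed by `assertEquals(123, jsonNode.get("name").asInt());` (assuming `CBORTestBase` exposes the JUnit assertions, as the bare `fail(...)` call suggests). The split point `int len = 160;` ties the regression to one buffer layout; looping over a range of split offsets would cover names that straddle the boundary at other positions. The method name also has a typo and should read `testInputStream`.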