From b8494276a21db595729f890b15d780547e7c853a Mon Sep 17 00:00:00 2001
From: Wil Selwood
Date: Fri, 2 Jun 2017 12:26:22 +0100
Subject: [PATCH 1/2] fix #382 - check before running off end of array
---
 .../jackson/core/io/UTF32Reader.java | 4 ++
 .../jackson/core/io/TestUTF32Reader.java | 38 +++++++++++++++++++
 2 files changed, 42 insertions(+)
 mode change 100644 => 100755 src/main/java/com/fasterxml/jackson/core/io/UTF32Reader.java
 create mode 100755 src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java
diff --git a/src/main/java/com/fasterxml/jackson/core/io/UTF32Reader.java b/src/main/java/com/fasterxml/jackson/core/io/UTF32Reader.java
old mode 100644
new mode 100755
index 34b126cb0d..3461be19e5
--- a/src/main/java/com/fasterxml/jackson/core/io/UTF32Reader.java
+++ b/src/main/java/com/fasterxml/jackson/core/io/UTF32Reader.java
@@ -134,6 +134,10 @@ public int read(char[] cbuf, int start, int len) throws IOException {
 int ptr = _ptr;
 int ch;
+ if (_buffer.length < ptr + 4) {
+ reportUnexpectedEOF(_buffer.length - ptr, 4);
+ }
+
 if (_bigEndian) {
 ch = (_buffer[ptr] << 24) | ((_buffer[ptr+1] & 0xFF) << 16) | ((_buffer[ptr+2] & 0xFF) << 8) | (_buffer[ptr+3] & 0xFF);
diff --git a/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java b/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java
new file mode 100755
index 0000000000..ec923c95d6
--- /dev/null
+++ b/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java
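Review bot: In the UTF32Reader.java hunk at `@@ -134,6 +134,10 @@`, the new guard `if (_buffer.length < ptr + 4)` measures against the array's capacity, not against how many bytes have actually been loaded into it. If the buffer can be larger than the data read so far (likely for streamed input, though the hunk does not show how it is filled), a truncated final character would pass the check and be decoded from stale bytes instead of being reported. Assuming the class's `_length` field marks the end of valid data, the guard would be safer as `if ((_length - ptr) < 4) { reportUnexpectedEOF(_length - ptr, 4); }`. The decode below also depends on `reportUnexpectedEOF` never returning, so a comment such as `// reportUnexpectedEOF() always throws` would make that explicit. The body of `read` starts and ends outside the hunk.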
@@ -0,0 +1,38 @@
+package com.fasterxml.jackson.core.io;
+
+import com.fasterxml.jackson.core.BaseTest;
+import com.fasterxml.jackson.core.JsonFactory;
+import com.fasterxml.jackson.core.JsonParser;
+import org.junit.Test;
+
+import java.io.CharConversionException;
+import java.io.IOException;
+
+/**
+ * Test experiment
+ */
+public class TestUTF32Reader extends BaseTest {
+
+ public void testInvalidInput() throws IOException {
+ byte[] data = {
+ 0x00,
+ 0x00,
+ 0x00,
+ 0x20,
+ (byte) 0xFE,
+ (byte) 0xFF,
+ 0x00,
+ 0x01,
+ (byte) 0xFB
+ };
+
+ JsonFactory FACTORY = new JsonFactory();
+ JsonParser parser = FACTORY.createParser(data);
+ try {
+ parser.nextToken();
+ } catch (CharConversionException e) {
+ return; //
+ }
+ fail("Should have thrown a CharConversionException");
+ }
+}
From 3cb4ad05fc920242c239bea37bb9556885f2dcd7 Mon Sep 17 00:00:00 2001
From: Wil Selwood
Date: Fri, 2 Jun 2017 12:29:17 +0100
Subject: [PATCH 2/2] clean up test case
---
 .../fasterxml/jackson/core/io/TestUTF32Reader.java | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java b/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java
index ec923c95d6..677a5450d4 100755
--- a/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java
+++ b/src/test/java/com/fasterxml/jackson/core/io/TestUTF32Reader.java
@@ -3,16 +3,13 @@
 import com.fasterxml.jackson.core.BaseTest;
 import com.fasterxml.jackson.core.JsonFactory;
 import com.fasterxml.jackson.core.JsonParser;
-import org.junit.Test;
 import java.io.CharConversionException;
 import java.io.IOException;
-/**
- * Test experiment
- */
 public class TestUTF32Reader extends BaseTest {
+ // Make sure that invalid input is handled reasonably.
 public void testInvalidInput() throws IOException {
 byte[] data = {
 0x00,
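Review bot: `testInvalidInput` in the new TestUTF32Reader.java (hunk `@@ -0,0 +1,38 @@`) only exercises the `byte[]` overload of `createParser`, where the reader's buffer is presumably the 9-byte input array itself, so it cannot show whether truncated input is also rejected when the buffer is larger than the data. A second case feeding the same bytes through `factory.createParser(new ByteArrayInputStream(data))` would pin that behaviour for streamed sources. The byte array also deserves a comment saying what it encodes, for example `// UTF-32BE: one valid char, one more 4-byte unit, then a single trailing byte (truncated char)`. The parser is never closed; `try (JsonParser parser = ...)` would release it on both the pass and the fail path.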
@@ -26,12 +23,12 @@ public void testInvalidInput() throws IOException {
 (byte) 0xFB
 };
- JsonFactory FACTORY = new JsonFactory();
- JsonParser parser = FACTORY.createParser(data);
+ JsonFactory factory = new JsonFactory();
+ JsonParser parser = factory.createParser(data);
 try {
 parser.nextToken();
 } catch (CharConversionException e) {
- return; //
+ return;
 }
 fail("Should have thrown a CharConversionException");
 }