Kean Erickson created JOHNZON-216:
-------------------------------------
Summary: JsonStreamParserImpl.readString throws
ArrayIndexOutOfBoundsException when dealing with string that contains escape
characters
Key: JOHNZON-216
URL: https://issues.apache.org/jira/browse/JOHNZON-216
Project: Johnzon
Issue Type: Bug
Affects Versions: 1.1.12
Reporter: Kean Erickson
There seems to be a bug within the JsonStreamParserImpl that is allowed in part
by how it is configured within TomEE. Currently TomEE configures it with a
maximum string length limit of 8192 bytes by default. It seems that escape
characters (with backslash) do not properly count towards the total length when
the string is validated, so it escapes validation.
To replicate, put the attached file "bad.json" in your user directory and run
this.
{code:java}
@Test
public void parseEscapeCharacters() throws IOException {
File bad = new File(System.getProperty("user.dir")+"/bad.json");
byte[] badbytes = Files.readAllBytes(bad.toPath());
String test = new String(badbytes, StandardCharsets.UTF_8);
int len = 8192;
BufferStrategy.BufferProvider<char[]> bs =
BufferStrategy.QUEUE.newCharProvider(len);
InputStream stream = new
ByteArrayInputStream(test.getBytes(StandardCharsets.UTF_8));
JsonStreamParserImpl impl = new JsonStreamParserImpl(stream, len, bs, bs,
false);
while (impl.hasNext())
impl.next();
}
{code}
Results in
{code:java}
java.lang.ArrayIndexOutOfBoundsException: 8192
at
org.apache.johnzon.core.JsonStreamParserImpl.appendToCopyBuffer(JsonStreamParserImpl.java:158)
at
org.apache.johnzon.core.JsonStreamParserImpl.readString(JsonStreamParserImpl.java:592)
at
org.apache.johnzon.core.JsonStreamParserImpl.handleQuote(JsonStreamParserImpl.java:695)
at
org.apache.johnzon.core.JsonStreamParserImpl.next(JsonStreamParserImpl.java:440)
at
org.apache.johnzon.core.JsonStreamParserImpl.next(JsonStreamParserImpl.java:400)
at zzz.parseEscapeCharacters(zzz.java:818){code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
