netliomax25-code opened a new pull request, #2681:
URL: https://github.com/apache/groovy/pull/2681
1. In `CharBuf.decodeJsonString` the backslash branch is guarded by `if
(index < to)`, a condition the enclosing for-loop already guarantees, so a
backslash in the final position of the string slice is treated as the start of
an escape and the following `chars[index]` read runs one element past the slice.
2. When a JSON string is unterminated and ends in a lone backslash,
`findEndQuote` returns the buffer length, so the over-read is `chars[to]`. This
routine is the single escape-decoding sink for every `JsonSlurper` parser type;
on the eager default (`CHAR_BUFFER`) parser a two-character document (a quote
then a backslash, `new JsonSlurper().parseText('"\\')`) raises a raw
`ArrayIndexOutOfBoundsException` instead of the documented `JsonException`, so
callers that guard untrusted input with `catch (JsonException)` miss it.
Changed the guard to require a character after the backslash and made a
dangling trailing escape raise `JsonException`, matching how the switch already
handles other invalid escapes. Added a regression test covering the parser
types and confirming valid escapes still decode.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]