Bounds-checks issues with Fast FP parser (placeholder) #809
Comments
@pjfanning I am hoping to give you access to OssFuzz jackson projects -- I don't maintain them (nor have I written their code) but collaborate with the author(s). Full information is not by default world-accessible, due to possible security issues, as some problems could be considered Vulnerabilities. The first issue (I think there are more, but the first I saw) is reported for invalid input, with stack trace of:
and the oss-fuzz testcase has the actual input data (which we'll need to repro and perhaps request a fix or do the fix).
@wrandelshofer AbstractFloatingPointBitsFromCharSequence is copied from your FastDoubleParser project. I don't yet have the input that caused the problem, but I just thought I'd make you aware that there may be an issue. @cowtowncoder Jackson doesn't really support hex numbers anyway, so it is unlikely that Jackson parsers would run into this issue. Users could use the NumberInput class directly, but this is not really an encouraged use case. I'd still like to get this fixed - I'm just highlighting that this is relatively low impact for Jackson users.
@pjfanning I could be wrong but I don't think the Fuzzer calls these methods directly. So it would seem like code somehow managed to trigger execution. Most likely it'd be a root-level JSON value that starts with something like
I 100% agree that if this is not the case (and the Fuzzer called helper methods directly), we really shouldn't care much. It is odd though... how the Hex-value case would get that far. So I guess figuring out the specific Fuzz code and input is important here.
Fuzzer input file looks like garbage, but I suspect it might be due to encoding actual settings as a prefix. Or something.
(note: this is a placeholder until individual issues are created)
It looks like the new "fast FP parsing" functionality has a few issues uncovered by OssFuzz (https://oss-fuzz.com/) in the jackson-core project. This is not unsurprising, as fuzzers are good at finding various edge cases for invalid input. I will need to figure out how to give access to the actual reports; in the meantime, this issue can act as a placeholder for various instances.