Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix issue2689 (新版本解析到特定字符后直接触发异常) #2692

Merged
merged 2 commits into from Sep 3, 2019
Merged
Changes from all commits
Commits
File filter...
Filter file types
Jump to…
Jump to file or symbol
Failed to load files and symbols.

Always

Just for now

@@ -973,6 +973,10 @@ public final void scanString() {
char x1 = ch = next();
char x2 = ch = next();

if (!isHexChar(x1) || !isHexChar(x2)) {
throw new JSONException("invalid escape character \\x" + x1 + x2);
}

int x_val = digits[x1] * 16 + digits[x2];
char x_char = (char) x_val;
putChar(x_char);
@@ -5033,6 +5037,10 @@ private void scanStringSingleQuote() {
this.next();
}

private boolean isHexChar(char ch) {
return ((ch >= '0' && ch <= '9') || (ch >= 'a' && ch <= 'f') || (ch >= 'A' && ch <= 'F'));
}

/**
* Append a character to sbuf.
*/
@@ -0,0 +1,27 @@
package com.alibaba.json.bvt.issue_2600;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONException;
import junit.framework.TestCase;

import java.net.URLDecoder;

public class Issue2689 extends TestCase {

final String DEATH_STRING = "{\"a\":\"\\x";

public void test_OOM() throws Exception {

String line = new String("[{\\x22a\\x22:\\x22a\\xB1ph.\\xCD\\x86\\xBEI\\xBA\\xC3\\xBCiM+\\xCE\\xCE\\x1E\\xDF7\\x1E\\xD9z\\xD9Q\\x8A}\\xD4\\xB2\\xD5\\xA0y\\x98\\x08@\\xE1!\\xA8\\xEF^\\x0D\\x7F\\xECX!\\xFF\\x06IP\\xEC\\x9F[\\x85;\\x02\\x817R\\x87\\xFB\\x1Ch\\xCB\\xC7\\xC6\\x06\\x8F\\xE2Z\\xDA^J\\xEB\\xBCF\\xA6\\xE6\\xF4\\xF7\\xC1\\xE3\\xA4T\\x89\\xC6\\xB2\\x5Cx]");
line = line.replaceAll("\\\\x", "%");
String decodeLog = URLDecoder.decode(line, "UTF-8");
System.out.println(decodeLog);
try {
Object obj = JSON.parse(decodeLog);
obj = JSON.parse(DEATH_STRING);
} catch (Exception e) {
assertEquals(e.getClass(), JSONException.class);
assertTrue(e.getMessage().contains("invalid escape character \\x"));
}
}
}
ProTip! Use n and p to navigate between commits in a pull request.
You can’t perform that action at this time.