Skip to content

Commit 3738654

Browse files
cowtowncodercowtowncoder
committed
Fix #288 
1 parent 622c65b commit 3738654

File tree

3 files changed

+34
-0
lines changed

3 files changed

+34
-0
lines changed

cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORParser.java

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2697,6 +2697,11 @@ private final String _decodeShortName(int len) throws IOException
26972697

26982698
private final String _decodeLongerName(int len) throws IOException
26992699
{
2700+
// [dataformats-binary#288]: non-canonical length of 0 needs to be
2701+
// dealt with
2702+
if (len == 0) {
2703+
return "";
2704+
}
27002705
// Do we have enough buffered content to read?
27012706
if ((_inputEnd - _inputPtr) < len) {
27022707
// or if not, could we read?

cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/fuzz/Fuzz288_35750_NonCanonicalNameTest.java

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
package com.fasterxml.jackson.dataformat.cbor.fuzz;
2+
3+
import com.fasterxml.jackson.core.JsonParser;
4+
import com.fasterxml.jackson.core.JsonToken;
5+
import com.fasterxml.jackson.databind.ObjectMapper;
6+
import com.fasterxml.jackson.dataformat.cbor.CBORTestBase;
7+
8+
public class Fuzz288_35750_NonCanonicalNameTest extends CBORTestBase
9+
{
10+
private final ObjectMapper MAPPER = cborMapper();
11+
12+
// [dataformats-binary#288]: non-canonical representation for length of 0
13+
// causing ArrayOutOfBoundsException
14+
public void testInvalidLongName() throws Exception
15+
{
16+
final byte[] input = new byte[] {
17+
(byte) 0x8A,
18+
(byte) 0xAD, 0x7A, 0x00,
19+
0x00, 0x00, 0x00
20+
};
21+
22+
try (JsonParser p = MAPPER.createParser(input)) {
23+
assertToken(JsonToken.START_ARRAY, p.nextToken());
24+
assertToken(JsonToken.START_OBJECT, p.nextToken());
25+
assertToken(JsonToken.FIELD_NAME, p.nextToken());
26+
}
27+
}
28+
}

release-notes/VERSION-2.x

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ Modules:
1313
2.12.4 (not yet released)
1414

1515
#287: (cbor) Uncaught exception in CBORParser._nextChunkedByte2 (by ossfuzzer)
16+
#288: (cbor) Uncaught exception in CBORParser._findDecodedFromSymbols() (by ossfuzzer)
1617

1718
2.12.3 (12-Apr-2021)
1819

0 commit comments

Comments
 (0)