UTF8StreamJsonParser: fix byte to int conversion for malformed escapes #540
Commits on Jun 21, 2019
-
UTF8StreamJsonParser: fix byte to int conversion
This change ensures that the byte-to-int conversion results in a positive integer. Prior to this, the conversion could result to a negative integer when the byte was >= 0x80, which would lead to an ArrayIndexOutOfBoundsException when calling CharTypes.charToHex(ch). The issue could be reproduced with the following snippet: `factory.createParser(ObjectReadContext.empty(), "\"\\u\u0080\"".getBytes("UTF-8").nextToken()`. Traceback: ``` java.lang.ArrayIndexOutOfBoundsException: -62 at com.fasterxml.jackson.core.io.CharTypes.charToHex(CharTypes.java:213) at com.fasterxml.jackson.core.json.UTF8StreamJsonParser._decodeEscaped(UTF8StreamJsonParser.java:3606) at com.fasterxml.jackson.core.json.UTF8StreamJsonParser._skipString(UTF8StreamJsonParser.java:2888) at com.fasterxml.jackson.core.json.UTF8StreamJsonParser.nextToken(UTF8StreamJsonParser.java:685) ```
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.