You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@groovy.apache.org by jw...@apache.org on 2017/05/27 21:07:14 UTC

[3/6] groovy git commit: GROOVY-7979: Add check for end of negative number

GROOVY-7979: Add check for end of negative number

The check for the minus sign increments the character index by one. A
check is added to ensure that this does not go over the end of the
expected character substring.


Project: http://git-wip-us.apache.org/repos/asf/groovy/repo
Commit: http://git-wip-us.apache.org/repos/asf/groovy/commit/257c2751
Tree: http://git-wip-us.apache.org/repos/asf/groovy/tree/257c2751
Diff: http://git-wip-us.apache.org/repos/asf/groovy/diff/257c2751

Branch: refs/heads/master
Commit: 257c2751ca8aa54db6cddac9b38270b9913b374c
Parents: 5642335
Author: James Laverack <ja...@jameslaverack.com>
Authored: Sun May 14 20:21:43 2017 +0100
Committer: John Wagenleitner <jw...@apache.org>
Committed: Sat May 27 13:03:55 2017 -0700

----------------------------------------------------------------------
 .../java/groovy/json/internal/CharScanner.java    | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/groovy/blob/257c2751/subprojects/groovy-json/src/main/java/groovy/json/internal/CharScanner.java
----------------------------------------------------------------------
diff --git a/subprojects/groovy-json/src/main/java/groovy/json/internal/CharScanner.java b/subprojects/groovy-json/src/main/java/groovy/json/internal/CharScanner.java
index f226fa4..596c648 100644
--- a/subprojects/groovy-json/src/main/java/groovy/json/internal/CharScanner.java
+++ b/subprojects/groovy-json/src/main/java/groovy/json/internal/CharScanner.java
@@ -155,6 +155,9 @@ public class CharScanner {
                 offset++;
                 negative = true;
             }
+            if (offset >= to) {
+                die();
+            }
             num = (digitChars[offset] - '0');
             if (++offset < to) {
                 num = (num * 10) + (digitChars[offset] - '0');
@@ -197,7 +200,9 @@ public class CharScanner {
             offset++;
             negative = true;
         }
-
+        if (offset >= to) {
+            die();
+        }
         c = digitChars[offset];
         num = (c - '0');
         offset++;
@@ -220,7 +225,9 @@ public class CharScanner {
             offset++;
             negative = true;
         }
-
+        if (offset >= to) {
+            die();
+        }
         c = digitChars[offset];
         num = (c - '0');
         offset++;
@@ -243,7 +250,9 @@ public class CharScanner {
             offset++;
             negative = true;
         }
-
+        if (offset >= to) {
+            die();
+        }
         c = digitChars[offset];
         num = (c - '0');
         offset++;
@@ -289,6 +298,9 @@ public class CharScanner {
         if (buffer[index] == '-') {
             index++;
         }
+        if (index >= max) {
+            die();
+        }
 
         boolean foundDot = false;
         for (; index < max; index++) {