You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org> on 2017/11/28 10:43:17 UTC

[jira] [Closed] (CXF-7496) Parsing Bug in org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter: in-string "{"

     [ https://issues.apache.org/jira/browse/CXF-7496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Colm O hEigeartaigh closed CXF-7496.
------------------------------------

> Parsing Bug in org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter: in-string "{"
> ---------------------------------------------------------------------------------------
>
>                 Key: CXF-7496
>                 URL: https://issues.apache.org/jira/browse/CXF-7496
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS
>    Affects Versions: 3.1.7, 3.1.12
>         Environment: java version "1.8.0_25"
> Java(TM) SE Runtime Environment (build 1.8.0_25-b18)
> Java HotSpot(TM) 64-Bit Server VM (build 25.25-b02, mixed mode)
>            Reporter: Alon Bar-Lev
>            Assignee: Sergey Beryozkin
>             Fix For: 3.1.13, 3.2.0
>
>
> Hello,
> We have found incorrect parsing of "{" within JSON strings. It seems like the parser searches for "{" and "}" regardless of string boundary.
> A reproduction program is attached, using latest 3.1.12 version.
> Thanks!
> h2. REPRODUCTION
> {code}
> import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
> public class JsonMapReaderNotWorking {
> 	
> 	public static void main(String args[]) throws Exception
> 	{
> 		JsonMapObjectReaderWriter jsonMapObjectReaderWriter = new JsonMapObjectReaderWriter();
> 		String s = "{\"x\":{\"y\":\"{\"}}";
> 		System.out.println(s);
> 		jsonMapObjectReaderWriter.fromJson(s);
> 	}
> }
> {code}
> h2. RESULT
> {code}
> 	{"x":{"y":"{"}}
> 	Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String index out of range: -6
> 		at java.lang.String.substring(String.java:1967)
> 		at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter.readJsonObjectAsSettable(JsonMapObjectReaderWriter.java:189)
> 		at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter.fromJson(JsonMapObjectReaderWriter.java:162)
> 		at JsonMapReaderNotWorking.main(JsonMapReaderNotWorking.java:13)
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)