Jettison

End document event generated before matching end element when processing invalid JSON with BadgerFishXMLStreamReader

Details

  • Type: Bug Bug
  • Status: Resolved Resolved
  • Priority: Critical Critical
  • Resolution: Fixed
  • Affects Version/s: 1.1
  • Fix Version/s: 1.3.2
  • Labels:
    None
  • Testcase included:
    yes
  • Patch Submitted:
    Yes
  • Number of attachments :
    1

Description

Let's take following JSON like string as an example. It is not valid BadgerFish JSON so we should get an error while processing it.

"{ \"alice\":

{ \"foo\" : \"bob\" }

}"

This generates now events
START_ELEMENT alice
START_ELEMENT alice
END_ELEMENT
END_DOCUMENT

If you have somewhere loop like
while ( reader.next() != END_ELEMENT )
you have potential infinite loop since start and end element events do not match. We fixed this by throwing an exception if the JSON object type is not what it is supposed to be according to Badgerfish format.

Patch and test attached.

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Bryan Mason added a comment -

I have encountered this same issue using the Jettison 1.2 library and the provided patch applies cleanly against this version as well. A source comparison of SVN 1.2 and 1.3.1 suggests this case is still unhandled and has potential to cause runaway threads. Is anyone from the Jettison team able to take a look at this issue and accept this patch for a future bug release?

Show
Bryan Mason added a comment - I have encountered this same issue using the Jettison 1.2 library and the provided patch applies cleanly against this version as well. A source comparison of SVN 1.2 and 1.3.1 suggests this case is still unhandled and has potential to cause runaway threads. Is anyone from the Jettison team able to take a look at this issue and accept this patch for a future bug release?
Sergey Beryozkin made changes -
Field Original Value New Value
Fix Version/s 1.3.2 [ 18256 ]
Description
Let's take following JSON like string as an example. It is not valid BadgerFish JSON so we should get an error while processing it.

"{ \"alice\": { \"foo\" : \"bob\" } }"

This generates now events
START_ELEMENT alice
START_ELEMENT alice
END_ELEMENT
END_DOCUMENT

If you have somewhere loop like
  while ( reader.next() != END_ELEMENT )
you have potential infinite loop since start and end element events do not match. We fixed this by throwing an exception if the JSON object type is not what it is supposed to be according to Badgerfish format.

Patch and test attached. 		Let's take following JSON like string as an example. It is not valid BadgerFish JSON so we should get an error while processing it.

"{ \"alice\": { \"foo\" : \"bob\" } }"

This generates now events
START_ELEMENT alice
START_ELEMENT alice
END_ELEMENT
END_DOCUMENT

If you have somewhere loop like
  while ( reader.next() != END_ELEMENT )
you have potential infinite loop since start and end element events do not match. We fixed this by throwing an exception if the JSON object type is not what it is supposed to be according to Badgerfish format.

Patch and test attached.
Hide
Permalink
Sergey Beryozkin added a comment -

Bryan - thanks for a patch

Show
Sergey Beryozkin added a comment - Bryan - thanks for a patch
Sergey Beryozkin made changes -
Status Open [ 1 ] Resolved [ 5 ]
Assignee Sergey Beryozkin [ sergey_beryozkin ]
Resolution Fixed [ 1 ]
Hide
Permalink
Sergey Beryozkin added a comment -

Mika - may be it was your patch - thanks to you too !

Show
Sergey Beryozkin added a comment - Mika - may be it was your patch - thanks to you too !

People

  • Assignee:
    Sergey Beryozkin
    Reporter:
    Mika Vesterholm
Vote (0)
Watch (2)

Dates

  • Created:
    Updated:
    Resolved: