From 1e6f01db8dbd4defe6d20e7b34977b7431e3abb5 Mon Sep 17 00:00:00 2001 From: Arthur Chan Date: Tue, 12 Dec 2023 01:59:39 +0000 Subject: [PATCH] Fixes for issue #445: Wraps unexpected NullPointerException (#446) --- .../jackson/dataformat/yaml/YAMLParser.java | 16 +++++++++--- .../yaml/deser/FuzzYAMLReadTest.java | 26 +++++++++++++++++++ 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/yaml/src/main/java/com/fasterxml/jackson/dataformat/yaml/YAMLParser.java b/yaml/src/main/java/com/fasterxml/jackson/dataformat/yaml/YAMLParser.java index cc603cd9..8ef6dfe3 100644 --- a/yaml/src/main/java/com/fasterxml/jackson/dataformat/yaml/YAMLParser.java +++ b/yaml/src/main/java/com/fasterxml/jackson/dataformat/yaml/YAMLParser.java @@ -1027,10 +1027,18 @@ public Object getNumberValueDeferred() throws IOException { // due to refactoring. So let's try to cobble something together if (_currToken == JsonToken.VALUE_NUMBER_INT) { - // For integrals, use eager decoding for all ints, longs (and - // some cheaper BigIntegers) - if (_cleanedTextValue.length() <= 18) { - return getNumberValue(); + // We might already have suitable value? + if ((_numTypesValid & NR_INT) != 0) { + return _numberInt; + } + if ((_numTypesValid & NR_LONG) != 0) { + return _numberLong; + } + if ((_numTypesValid & NR_BIGINT) != 0) { + return _getBigInteger(); + } + if (_cleanedTextValue == null) { + _reportError("Internal number decoding error: `_cleanedTextValue` null when nothing decoded for `JsonToken.VALUE_NUMBER_INT`"); } return _cleanedTextValue; } diff --git a/yaml/src/test/java/com/fasterxml/jackson/dataformat/yaml/deser/FuzzYAMLReadTest.java b/yaml/src/test/java/com/fasterxml/jackson/dataformat/yaml/deser/FuzzYAMLReadTest.java index dfc55112..ec677f32 100644 --- a/yaml/src/test/java/com/fasterxml/jackson/dataformat/yaml/deser/FuzzYAMLReadTest.java +++ b/yaml/src/test/java/com/fasterxml/jackson/dataformat/yaml/deser/FuzzYAMLReadTest.java @@ -1,5 +1,7 @@ package com.fasterxml.jackson.dataformat.yaml.deser; +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonProperty; import com.fasterxml.jackson.core.JacksonException; import com.fasterxml.jackson.core.JsonToken; import com.fasterxml.jackson.databind.JsonNode; @@ -85,4 +87,28 @@ public void testNumberDecoding61823() throws Exception verifyException(e, "Invalid number"); } } + + // [dataformats-text#445]: NPE + static class ModelContainer445 + { + public String string; + + @JsonCreator + public ModelContainer445(@JsonProperty(value = "string") String string) { + this.string = string; + } + } + + // [dataformats-text#445]: NPE + // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64662 + public void testNullPointerException445_64662() throws Exception + { + // Content itself odd, generated by Fuzz; but needs to trigger buffering to work + try { + YAML_MAPPER.readValue(" :: ! 0000000000000000000000000000", ModelContainer445.class); + fail("Should not pass"); + } catch (JacksonException e) { + verifyException(e, "Unrecognized field"); + } + } }