Closed arthurscchan closed 9 months ago
Lol. "Doing the right thing would be bit slower than letting things fail in bad ways" is certainly one way to approach things! :-D :-D :-D
Ok, yeah, If so, need to work around such sub-standard implementation. Will look at PR next.
The IonParser::nextToken() method relies on the IonReader implementations to retrieve the next token. Those IonReader implementations are provided by the upstream Amazon Java-Ion package and some of the code in those IonReader implementations does mention that if the provided data is malformed, it could throw
IndexOutOfBoundsException
and that is not handled because it would sacrifice performance. And IonParser::nextToken() fails to handle them nor check if the input is malformed. This results in an unexpectedIndexOutOfBoundsException
being thrown to the user.Below are two sample code that mentioned the possible throwing of
IndexOutOfBoundsException
from the upstream IonCursorBinary::uncheckedReadVarUInt_1_0(byte) method and IonReaderContinuableCoreBinary::readVarInt_1_0 method.The simplest fix is to catch the
IndexOutOfBoundsException
and wrap it with theJsonParseException
. A better way may be adding some checking before the upstream call to ensure malformed data is detected and exit before calling those upstream methods.We found this issue by OSS-Fuzz and it is reported in https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65062 and https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65083.