In the ProtobufParser.currentName() method, there is an invocation of the ProtobufReadContext .getParent() method which could return a null value when the input is malformed and ended unexpectedly because there is no parent read context exists. If the result is null, the code will throw a NullPointerException in the next line when the ProtobufReadContext ::getCurrentName() method is called.
@Override // since 2.17
public String currentName() throws IOException
{
if (_currToken == JsonToken.START_OBJECT || _currToken == JsonToken.START_ARRAY) {
ProtobufReadContext parent = _parsingContext.getParent();
return parent.getCurrentName();
}
return _parsingContext.getCurrentName();
}
The suggested fix is to add a null checking after the invocation of the ProtobufReadContext .getParent() method and throw an exception if the return value stored in parent is indeed null.
In the
ProtobufParser.currentName()method, there is an invocation of theProtobufReadContext .getParent()method which could return anullvalue when the input is malformed and ended unexpectedly because there is no parent read context exists. If the result is null, the code will throw a NullPointerException in the next line when theProtobufReadContext ::getCurrentName()method is called.The suggested fix is to add a null checking after the invocation of the
ProtobufReadContext .getParent()method and throw an exception if the return value stored inparentis indeed null.We found this issue by OSS-Fuzz and it is reported in https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65674.