Open hpbieker opened 5 years ago
Is there a work around for this issue?
Is there a work around for this issue?
Manually copy the content of the stream to a byte[] and deserialize the json from there
Does this affect the JsonSerializer.NonGeneric.Deserialize ?
Does this affect the JsonSerializer.NonGeneric.Deserialize ?
Yes, if you use the overload with Stream.
Yes we do use the overload with stream since we are creating our own mediaformatter for asp.net web api. How about for serializing? JsonSerializer.NonGeneric.SerializeAsync ?
result1
is nowint[] { 1}
as expected.However,
result2
is now alsoint[] { 1}
, but I expected to get an exception because of invalid json.The reason is that
Deserialize<T>(Stream, IJsonFormatterResolver)
will callMemoryPool.GetBuffer()
which returns an unclean buffer. This buffer is then filled based on the stream inFillFromStream()
. In our case, the second broken json is shorter than the first one, so our new buffer contains a mix of the new and the old json.The buffer is then just passed on to the parser without any length field, so the whole buffer is potentially read if it contains garbage.