diff --git a/src/main/java/com/alibaba/fastjson/parser/DefaultJSONParser.java b/src/main/java/com/alibaba/fastjson/parser/DefaultJSONParser.java index 248cb020a0..aa7c10f719 100644 --- a/src/main/java/com/alibaba/fastjson/parser/DefaultJSONParser.java +++ b/src/main/java/com/alibaba/fastjson/parser/DefaultJSONParser.java @@ -1194,7 +1194,7 @@ public final void parseArray(final Collection array, Object fieldName) { ParseContext context = this.context; this.setContext(array, fieldName); try { - for (int i = 0;; ++i) { + for (int i = 0; ; ++i) { if (lexer.isEnabled(Feature.AllowArbitraryCommas)) { while (lexer.token() == JSONToken.COMMA) { lexer.nextToken(); @@ -1280,6 +1280,8 @@ public final void parseArray(final Collection array, Object fieldName) { continue; } } + } catch (ClassCastException e) { + throw new JSONException("unkown error", e); } finally { this.setContext(context); } diff --git a/src/main/java/com/alibaba/fastjson/parser/JSONLexerBase.java b/src/main/java/com/alibaba/fastjson/parser/JSONLexerBase.java index a0eff3c235..8385912977 100644 --- a/src/main/java/com/alibaba/fastjson/parser/JSONLexerBase.java +++ b/src/main/java/com/alibaba/fastjson/parser/JSONLexerBase.java @@ -483,7 +483,7 @@ public final Number integerValue() throws NumberFormatException { } return result; } else { /* Only got "-" */ - throw new NumberFormatException(numberString()); + throw new JSONException("illegal number format : " + numberString()); } } else { result = -result; @@ -5086,8 +5086,12 @@ private void scanStringSingleQuote() { * Append a character to sbuf. */ protected final void putChar(char ch) { - if (sp == sbuf.length) { - char[] newsbuf = new char[sbuf.length * 2]; + if (sp >= sbuf.length) { + int len = sbuf.length * 2; + if (len < sp) { + len = sp + 1; + } + char[] newsbuf = new char[len]; System.arraycopy(sbuf, 0, newsbuf, 0, sbuf.length); sbuf = newsbuf; } diff --git a/src/test/java/com/alibaba/json/bvt/issue_3600/Issue3631.java b/src/test/java/com/alibaba/json/bvt/issue_3600/Issue3631.java new file mode 100644 index 0000000000..0baaf22ea9 --- /dev/null +++ b/src/test/java/com/alibaba/json/bvt/issue_3600/Issue3631.java @@ -0,0 +1,37 @@ +package com.alibaba.json.bvt.issue_3600; + +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONException; +import junit.framework.TestCase; + +import java.util.Base64; + +public class Issue3631 extends TestCase { + public void test_issue_1() throws Exception { + try { + JSON.parse("{[-"); + } catch (JSONException unused) { + // skip + } + } + + public void test_issue_2() throws Exception { + try { + JSON.parse("TreeSet[[]"); + } catch (JSONException unused) { + // skip + } + } + + public void test_issue_3() throws Exception { + try { + JSON.parse(btoa("WywsIiIMLCIAAAAMAAAgAAAAdWUgdAAAAA1ubHUlbDMyMjIABAAAADIyMjISMjNbW1ukHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHh4eHiBUZA17W3tbCTg0DQooIHRleHQuIEFuZCAgNDRUBDQ0LCwoLCwsLCwsKSwsLCwsLCwsLCwsLCwsnf8sLCwsLCwsMiwsLG51bA9sLCwqLCwsLCwsLCwsLCwsLCwsLCwoLCwsLCwsKSx077+9LCwsLBAsLCwsLCwoLCwsLCwsKSx077+9LCwsLCwyLCwsLCwsLCwsLFtbW1uhpJ3/GiwsLCwsLDIsLCwsLCwsQSw8LCwsLHtbW1sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHtbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHsnw4QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWw1dLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAW10AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAW6Gknf8sLCwsLCwsLCwsLCwsWywsLCwsLCwsLCwsLCwsLCwsKCwsLCwsLCksLCwsLCwsLCwsLCwsLJ3/LCwsLCwsLDIsLCxudWxsLCwqLCwsLCwsLCwsLCwsLCwsLCwoLCwsLCwsKSx077+9LCwsLCwsLCwsLCwoLCwsLCwsKSx07zV1bmRlZmluZW5kACwsLCwsLFtbW1uhpJ3/GiwsLCwsLDIsLCwsLCwsQSw8LCwsLHtbW1tboaSd/ywsLCwsLCwsLCwsLCxbLCwsLCwsLCwsLCwsLCwsLCwsLEEsPCwsLCx7W1tbW6Gknf8sLCwsLCwsLCwsLCwsLCwsLCgsLCwsLCwpLCwsLCwsLCwsLCwsLCyd/ywsLCwsLCwyLCwsbnVsbCwsKiwsLCwsLCwsLCwsLCwsLCwsKCwsLCwsLCksdO+/vSwsLCwsMSwsLCwsLCwsLCxbW1tboaSd/xosLCwsLCwyLCwsLCwsLCwsLCws")); + } catch (JSONException unused) { + // skip + } + } + + public static String btoa(String base64) { + return new String(Base64.getDecoder().decode(base64)); + } +}