
Fuzzer-found issue #57237 (buffer boundary condition) #411

Closed
cowtowncoder opened this issue Apr 11, 2023 · 4 comments · Fixed by #412
Labels: 2.15 (Fix or feature targeted at 2.15 release), TOML (Issue related to TOML format backend)
Comments

@cowtowncoder (Member) opened this issue Apr 11, 2023

Looks like there is a buffer read boundary condition that OSS-Fuzz has found wrt TOMLParser:

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=57237

I added a (failing) unit test to reproduce it:

com.fasterxml.jackson.dataformat.toml.failing.FuzzTomlRead57237Test

cowtowncoder added the labels TOML (Issue related to TOML format backend) and 2.15 (Fix or feature targeted at 2.15 release) on Apr 11, 2023
@cowtowncoder (Member, Author)

cc @yawkat

cowtowncoder added a commit that referenced this issue Apr 11, 2023
yawkat added a commit that referenced this issue Apr 11, 2023
Add a bounds check so that the proper error (EOF) is thrown.
Fixes #411
@yawkat (Member) commented Apr 11, 2023

I added a fix

@lsf37 FYI, I think this is an upstream issue in jflex too (same as #403). Unfortunately we use a modified skeleton for our own buffer management, so I can't be 100% sure this appears in the default jflex skeleton. But these two bugs happened in the parts that should not be modified. I'm having a hard time working with the jflex build (bazel :/ ), so haven't managed to contribute upstream yet. You may want to take a look at these issues to see if they can be fixed in jflex.
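To make the class of bug and the shape of the fix concrete, here is an added illustration written for this page. It is not the jackson-dataformat-toml code, not the JFlex skeleton, and it does not reproduce the actual OSS-Fuzz 57237 input; the class name LexerBufferBoundsDemo, the methods nextUnchecked/nextChecked/readStringBody, the 4-char buffer capacity and the truncated sample input are all assumptions made up for the demo. It only borrows the JFlex naming convention (zzBuffer, zzCurrentPos, zzEndRead, zzRefill returning true on end of input) so the two variants read like a lexer: the unchecked one indexes the buffer after a refill that returned nothing, the checked one performs the bounds check and throws the proper EOF error.

```java
import java.io.EOFException;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.util.Arrays;

// Hypothetical, stripped-down lexer buffer in the style of a JFlex skeleton.
// NOT the jackson-dataformat-toml or JFlex code; it illustrates the bug class only.
public final class LexerBufferBoundsDemo {
    private final Reader in;
    private char[] zzBuffer;
    private int zzCurrentPos; // index of the next unread char
    private int zzEndRead;    // one past the last valid char in zzBuffer

    LexerBufferBoundsDemo(Reader in, int capacity) {
        this.in = in;
        this.zzBuffer = new char[capacity];
    }

    // Compacts consumed input, grows the buffer if it is full and reads more.
    // Returns true when the reader is exhausted (same convention as JFlex).
    private boolean zzRefill() throws IOException {
        if (zzCurrentPos > 0) {
            System.arraycopy(zzBuffer, zzCurrentPos, zzBuffer, 0, zzEndRead - zzCurrentPos);
            zzEndRead -= zzCurrentPos;
            zzCurrentPos = 0;
        }
        if (zzEndRead == zzBuffer.length) {
            zzBuffer = Arrays.copyOf(zzBuffer, zzBuffer.length * 2);
        }
        int n = in.read(zzBuffer, zzEndRead, zzBuffer.length - zzEndRead);
        if (n <= 0) {
            return true;
        }
        zzEndRead += n;
        return false;
    }

    // Buggy variant: ignores the refill result and indexes the buffer anyway.
    // At end of input it hands back a stale char, and the following call corrupts
    // the bookkeeping (negative copy length), instead of reporting EOF.
    char nextUnchecked() throws IOException {
        if (zzCurrentPos >= zzEndRead) {
            zzRefill();
        }
        return zzBuffer[zzCurrentPos++];
    }

    // Fixed variant: a bounds check after the refill turns end of input into the
    // proper error, an EOFException, before any out-of-range index is touched.
    char nextChecked() throws IOException {
        if (zzCurrentPos >= zzEndRead) {
            if (zzRefill() || zzCurrentPos >= zzEndRead) {
                throw new EOFException("unexpected end of input inside a quoted string");
            }
        }
        return zzBuffer[zzCurrentPos++];
    }

    // Consumes a basic string body up to the closing quote, like a TOML string rule.
    static String readStringBody(String input, boolean checked) throws IOException {
        // Capacity 4 forces several refills inside one token: the "buffer boundary".
        LexerBufferBoundsDemo buf = new LexerBufferBoundsDemo(new StringReader(input), 4);
        StringBuilder sb = new StringBuilder();
        for (int guard = 0; guard < 64; guard++) { // guard stops a stale-data loop
            char c = checked ? buf.nextChecked() : buf.nextUnchecked();
            if (c == '"') {
                return sb.toString();
            }
            sb.append(c);
        }
        throw new IllegalStateException("no closing quote within guard limit: " + sb);
    }

    public static void main(String[] args) throws IOException {
        System.out.println(readStringBody("hello world\"", true)); // hello world
        String truncated = "hello wor"; // constructed fuzz-style input: no closing quote
        try {
            readStringBody(truncated, true);
        } catch (EOFException e) {
            System.out.println("checked: " + e.getMessage());
        }
        try {
            readStringBody(truncated, false);
        } catch (IndexOutOfBoundsException | IllegalStateException e) {
            System.out.println("unchecked: " + e.getClass().getSimpleName());
        }
    }
}
```

Run with `java LexerBufferBoundsDemo.java` (Java 11+). With the truncated input the checked variant fails cleanly with EOFException, while the unchecked variant first returns a stale 'r' left over from the previous fill and then dies in zzRefill with an IndexOutOfBoundsException, which is the kind of wrong error a fuzzer flags. The small capacity is the point: the failure only appears when the end of input coincides with a refill boundary, so a regression test for this bug class should drive the token across several refills rather than rely on a large default buffer.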

@lsf37 commented Apr 11, 2023

Interesting. I'll have a look at that, I thought this should be fixed by now, but I might be wrong.

cowtowncoder pushed a commit that referenced this issue Apr 11, 2023
Add a bounds check so that the proper error (EOF) is thrown.
Fixes #411
cowtowncoder added this to the 2.15.0-rc3 milestone on Apr 11, 2023
@cowtowncoder (Member, Author)

Thank you @yawkat , @lsf37 .

cowtowncoder added a commit that referenced this issue Apr 11, 2023