check for incomplete read

taowen · taowen · commit 17853743102c · 2017-01-02T14:28:35.000+08:00
diff --git a/demo/src/test/java/com/jsoniter/demo/ModelTest.java b/demo/src/test/java/com/jsoniter/demo/ModelTest.java
@@ -51,6 +51,7 @@ public static void main(String[] args) throws IOException, RunnerException {
                 "-i", "5",
                 "-wi", "5",
                 "-f", "1",
+//                "-jvmArgsAppend", "-server -XX:+DoEscapeAnalysis",
         });
     }
 
@@ -89,7 +90,7 @@ public void jsoniter_easy_mode(Blackhole bh) throws IOException {
         bh.consume(JsonIterator.deserialize(inputBytes, Model.class));
     }
 
-//    @Benchmark
+    @Benchmark
     public void fastjson(Blackhole bh) throws IOException {
         // this is not a exactly fair comparison,
         // as string => object is not
diff --git a/src/main/java/com/jsoniter/IterImplNumber.java b/src/main/java/com/jsoniter/IterImplNumber.java
@@ -225,6 +225,8 @@ public static final String readNumber(JsonIterator iter) throws IOException {
                 case '9':
                     iter.reusableChars[j++] = (char) c;
                     break;
+                case 0:
+                    return new String(iter.reusableChars, 0, j);
                 default:
                     iter.unreadByte();
                     return new String(iter.reusableChars, 0, j);
diff --git a/src/main/java/com/jsoniter/IterImplString.java b/src/main/java/com/jsoniter/IterImplString.java
@@ -101,6 +101,8 @@ final static String readStringSlowPath(JsonIterator iter) throws IOException {
                         default:
                             throw iter.reportError("readStringSlowPath", "unexpected escape char: " + b2);
                     }
+                } else if (b1 == 0) {
+                    throw iter.reportError("readStringSlowPath", "incomplete string");
                 } else {
                     // 1 byte, 7 bits: 0xxxxxxx
                     iter.reusableChars[j++] = (char) b1;
diff --git a/src/main/java/com/jsoniter/JsonIterator.java b/src/main/java/com/jsoniter/JsonIterator.java
@@ -271,6 +271,7 @@ public final Object read() throws IOException {
             case NUMBER:
                 return readDouble();
             case NULL:
+                IterImpl.skipUntilBreak(this);
                 return null;
             case BOOLEAN:
                 return readBoolean();
@@ -332,7 +333,11 @@ public static final <T> T deserialize(String input, Class<T> clazz) {
         JsonIterator iter = tlsIter.get();
         iter.reset(input.getBytes());
         try {
-            return iter.read(clazz);
+            T val = iter.read(clazz);
+            if (IterImpl.nextToken(iter) != 0) {
+                throw iter.reportError("deserialize", "trailing garbage found");
+            }
+            return val;
         } catch (IOException e) {
             throw new JsonException(e);
         }
@@ -342,7 +347,11 @@ public static final <T> T deserialize(String input, TypeLiteral<T> typeLiteral)
         JsonIterator iter = tlsIter.get();
         iter.reset(input.getBytes());
         try {
-            return iter.read(typeLiteral);
+            T val = iter.read(typeLiteral);
+            if (IterImpl.nextToken(iter) != 0) {
+                throw iter.reportError("deserialize", "trailing garbage found");
+            }
+            return val;
         } catch (IOException e) {
             throw new JsonException(e);
         }
@@ -352,7 +361,11 @@ public static final <T> T deserialize(byte[] input, Class<T> clazz) {
         JsonIterator iter = tlsIter.get();
         iter.reset(input);
         try {
-            return iter.read(clazz);
+            T val = iter.read(clazz);
+            if (IterImpl.nextToken(iter) != 0) {
+                throw iter.reportError("deserialize", "trailing garbage found");
+            }
+            return val;
         } catch (IOException e) {
             throw new JsonException(e);
         }
@@ -362,7 +375,11 @@ public static final <T> T deserialize(byte[] input, TypeLiteral<T> typeLiteral)
         JsonIterator iter = tlsIter.get();
         iter.reset(input);
         try {
-            return iter.read(typeLiteral);
+            T val = iter.read(typeLiteral);
+            if (IterImpl.nextToken(iter) != 0) {
+                throw iter.reportError("deserialize", "trailing garbage found");
+            }
+            return val;
         } catch (IOException e) {
             throw new JsonException(e);
         }
@@ -376,7 +393,11 @@ public static final Any deserialize(byte[] input) {
         JsonIterator iter = tlsIter.get();
         iter.reset(input);
         try {
-            return iter.readAny();
+            LazyAny val = iter.readAny();
+            if (IterImpl.nextToken(iter) != 0) {
+                throw iter.reportError("deserialize", "trailing garbage found");
+            }
+            return val;
         } catch (IOException e) {
             throw new JsonException(e);
         }
diff --git a/src/test/java/com/jsoniter/AllTests.java b/src/test/java/com/jsoniter/AllTests.java
@@ -1,7 +1,6 @@
 package com.jsoniter;
 
 import org.junit.BeforeClass;
-import org.junit.Test;
 import org.junit.experimental.categories.Categories;
 import org.junit.runner.RunWith;
 import org.junit.runners.Suite;
@@ -16,19 +15,19 @@ public interface StreamingCategory {
             TestExisting.class, TestGenerics.class, TestGenerics.class, TestIO.class, TestNested.class,
             TestObject.class, TestReadAny.class, TestReflection.class, TestSkip.class, TestSlice.class,
             TestString.class, TestWhatIsNext.class})
-    public static class AllTests {
+    public static class AllTestCases {
     }
 
     @RunWith(Categories.class)
     @Categories.ExcludeCategory(StreamingCategory.class)
-    @Suite.SuiteClasses({AllTests.class})
+    @Suite.SuiteClasses({AllTestCases.class})
     public static class NonStreamingTests {
 
     }
 
     @RunWith(Categories.class)
     @Categories.IncludeCategory(StreamingCategory.class)
-    @Suite.SuiteClasses({AllTests.class})
+    @Suite.SuiteClasses({AllTestCases.class})
     public static class StreamingTests {
         @BeforeClass
         public static void setUp() {
diff --git a/src/test/java/com/jsoniter/TestObject.java b/src/test/java/com/jsoniter/TestObject.java
@@ -8,7 +8,7 @@
 public class TestObject extends TestCase {
 
     static {
-//        JsonIterator.setMode(DecodingMode.DYNAMIC_MODE_AND_MATCH_FIELD_STRICTLY);
+//        JsonIterator.setMode(DecodingMode.DYNAMIC_MODE_AND_MATCH_FIELD_WITH_HASH);
     }
 
     public static class EmptyClass {}
@@ -94,4 +94,12 @@ public void test_inheritance() throws IOException {
         InheritedObject inheritedObject = iter.read(InheritedObject.class);
         assertEquals("hello", inheritedObject.inheritedField);
     }
+
+    public void test_incomplete_field_name() throws IOException {
+        try {
+            JsonIterator.parse("{\"abc").read(InheritedObject.class);
+            fail();
+        } catch (JsonException e) {
+        }
+    }
 }
diff --git a/src/test/java/com/jsoniter/TestString.java b/src/test/java/com/jsoniter/TestString.java
@@ -4,6 +4,8 @@
 import org.junit.experimental.categories.Category;
 
 import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
 import java.io.IOException;
 
 public class TestString extends TestCase {
@@ -58,4 +60,12 @@ public void test_null_string() throws IOException {
         JsonIterator iter = JsonIterator.parse("null".replace('\'', '"'));
         assertEquals(null, iter.readString());
     }
+
+    public void test_incomplete_string() throws IOException {
+        try {
+            JsonIterator.parse("\"abc").read();
+            fail();
+        } catch (JsonException e) {
+        }
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,7 @@ public static void main(String[] args) throws IOException, RunnerException {`
`51`	`51`	`"-i", "5",`
`52`	`52`	`"-wi", "5",`
`53`	`53`	`"-f", "1",`
	`54`	`+// "-jvmArgsAppend", "-server -XX:+DoEscapeAnalysis",`
`54`	`55`	`});`
`55`	`56`	`}`
`56`	`57`
`@@ -89,7 +90,7 @@ public void jsoniter_easy_mode(Blackhole bh) throws IOException {`
`89`	`90`	`bh.consume(JsonIterator.deserialize(inputBytes, Model.class));`
`90`	`91`	`}`
`91`	`92`
`92`		`-// @Benchmark`
	`93`	`+ @Benchmark`
`93`	`94`	`public void fastjson(Blackhole bh) throws IOException {`
`94`	`95`	`// this is not a exactly fair comparison,`
`95`	`96`	`// as string => object is not`
Original file line number	Diff line number	Diff line change
`@@ -101,6 +101,8 @@ final static String readStringSlowPath(JsonIterator iter) throws IOException {`
`101`	`101`	`default:`
`102`	`102`	`throw iter.reportError("readStringSlowPath", "unexpected escape char: " + b2);`
`103`	`103`	`}`
	`104`	`+ } else if (b1 == 0) {`
	`105`	`+ throw iter.reportError("readStringSlowPath", "incomplete string");`
`104`	`106`	`} else {`
`105`	`107`	`// 1 byte, 7 bits: 0xxxxxxx`
`106`	`108`	`iter.reusableChars[j++] = (char) b1;`
Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`public class TestObject extends TestCase {`
`9`	`9`
`10`	`10`	`static {`
`11`		`-// JsonIterator.setMode(DecodingMode.DYNAMIC_MODE_AND_MATCH_FIELD_STRICTLY);`
	`11`	`+// JsonIterator.setMode(DecodingMode.DYNAMIC_MODE_AND_MATCH_FIELD_WITH_HASH);`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`public static class EmptyClass {}`
`@@ -94,4 +94,12 @@ public void test_inheritance() throws IOException {`
`94`	`94`	`InheritedObject inheritedObject = iter.read(InheritedObject.class);`
`95`	`95`	`assertEquals("hello", inheritedObject.inheritedField);`
`96`	`96`	`}`
	`97`	`+`
	`98`	`+ public void test_incomplete_field_name() throws IOException {`
	`99`	`+ try {`
	`100`	`+ JsonIterator.parse("{\"abc").read(InheritedObject.class);`
	`101`	`+ fail();`
	`102`	`+ } catch (JsonException e) {`
	`103`	`+ }`
	`104`	`+ }`
`97`	`105`	`}`