提交 c619a784 编写于 作者: 高铁

add integer & decimal overflow check

上级 9060a26f
......@@ -18,6 +18,7 @@ package com.alibaba.fastjson.parser;
import java.io.Closeable;
import java.math.BigDecimal;
import java.math.BigInteger;
import java.math.MathContext;
import java.util.*;
import com.alibaba.fastjson.JSON;
......@@ -458,11 +459,11 @@ public abstract class JSONLexerBase implements JSONLexer, Closeable {
// Accumulating negatively avoids surprises near MAX_VALUE
digit = charAt(i++) - '0';
if (result < multmin) {
return new BigInteger(numberString());
return new BigInteger(numberString(), 10);
}
result *= 10;
if (result < limit + digit) {
return new BigInteger(numberString());
return new BigInteger(numberString(), 10);
}
result -= digit;
}
......@@ -3041,8 +3042,11 @@ public abstract class JSONLexerBase implements JSONLexer, Closeable {
count = bp + offset - start - 1;
}
if (count > 65535) {
throw new JSONException("decimal overflow");
}
char[] chars = this.sub_chars(start, count);
value = new BigDecimal(chars);
value = new BigDecimal(chars, 0, chars.length, MathContext.UNLIMITED);
} else if (chLocal == 'n' && charAt(bp + offset) == 'u' && charAt(bp + offset + 1) == 'l' && charAt(bp + offset + 2) == 'l') {
matchStat = VALUE_NULL;
value = null;
......@@ -3715,8 +3719,12 @@ public abstract class JSONLexerBase implements JSONLexer, Closeable {
count = bp + offset - start - 1;
}
if (count > 65535) {
throw new JSONException("scan decimal overflow");
}
char[] chars = this.sub_chars(start, count);
value = new BigDecimal(chars);
value = new BigDecimal(chars, 0, chars.length, MathContext.UNLIMITED);
} else if (chLocal == 'n' &&
charAt(bp + offset) == 'u' &&
charAt(bp + offset + 1) == 'l' &&
......@@ -3856,8 +3864,12 @@ public abstract class JSONLexerBase implements JSONLexer, Closeable {
// char[] chars = this.sub_chars(negative ? start + 1 : start, count);
// value = new BigInteger(chars, )
if (count > 65535) {
throw new JSONException("scanInteger overflow");
}
String strVal = this.subString(start, count);
value = new BigInteger(strVal);
value = new BigInteger(strVal, 10);
}
} else if (chLocal == 'n' &&
charAt(bp + offset) == 'u' &&
......@@ -5150,6 +5162,10 @@ public abstract class JSONLexerBase implements JSONLexer, Closeable {
}
}
if (sp > 65535) {
throw new JSONException("scanNumber overflow");
}
if (ch == 'L') {
sp++;
next();
......
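Review bot: The two `new BigInteger(numberString(), 10)` fallbacks in the first hunk have no length check of their own, unlike the three field scanners further down, so they are bounded only if every token that reaches them has passed the new `if (sp > 65535)` guard in the last hunk; the enclosing methods start and end outside these hunks, so that needs confirming. Radix 10 is already what `BigInteger(String)` uses and `MathContext.UNLIMITED` is already what `BigDecimal(char[])` uses, so those rewrites leave parsing unchanged and the length cap is the only effective limit. The cap is a bare `65535` repeated in four checks here (and again in JSONReaderScanner, JSONScanner, BigIntegerCodec and TypeUtils) with four different messages; I would declare it once, e.g. `static final int MAX_NUMBER_LENGTH = 65535; // longest numeric literal handed to BigInteger/BigDecimal`, and reference it everywhere.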
......@@ -20,6 +20,7 @@ import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.math.BigDecimal;
import java.math.MathContext;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONException;
......@@ -296,7 +297,11 @@ public final class JSONReaderScanner extends JSONLexerBase {
sp--;
}
return new BigDecimal(buf, offset, sp);
if (sp > 65535) {
throw new JSONException("decimal overflow");
}
return new BigDecimal(buf, offset, sp, MathContext.UNLIMITED);
}
public void close() {
......
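Review bot: The `sp > 65535` check limits how many characters reach `new BigDecimal(buf, offset, sp, MathContext.UNLIMITED)`, not the magnitude of the value, so a literal of a few characters with a large exponent still passes. Constructing such a value is cheap, but any later expansion of it (conversion to BigInteger or to a plain string, for example) would be sized by the exponent rather than by the literal; whether such a conversion happens downstream is not visible here. I would at least record the limitation above the check, `// bounds literal length only; exponent/scale is not limited here`, and the same applies to the BigDecimal constructions in JSONLexerBase, JSONScanner and TypeUtils. The enclosing method starts outside the hunk.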
......@@ -21,6 +21,7 @@ import com.alibaba.fastjson.util.ASMUtils;
import com.alibaba.fastjson.util.IOUtils;
import java.math.BigDecimal;
import java.math.MathContext;
import java.util.*;
//这个类,为了性能优化做了很多特别处理,一切都是为了性能!!!
......@@ -188,14 +189,18 @@ public final class JSONScanner extends JSONLexerBase {
sp--;
}
if (sp > 65535) {
throw new JSONException("decimal overflow");
}
int offset = np, count = sp;
if (count < sbuf.length) {
text.getChars(offset, offset + count, sbuf, 0);
return new BigDecimal(sbuf, 0, count);
return new BigDecimal(sbuf, 0, count, MathContext.UNLIMITED);
} else {
char[] chars = new char[count];
text.getChars(offset, offset + count, chars, 0);
return new BigDecimal(chars);
return new BigDecimal(chars, 0, chars.length, MathContext.UNLIMITED);
}
}
......
......@@ -19,6 +19,7 @@ import java.io.IOException;
import java.lang.reflect.Type;
import java.math.BigInteger;
import com.alibaba.fastjson.JSONException;
import com.alibaba.fastjson.parser.DefaultJSONParser;
import com.alibaba.fastjson.parser.JSONLexer;
import com.alibaba.fastjson.parser.JSONToken;
......@@ -70,6 +71,11 @@ public class BigIntegerCodec implements ObjectSerializer, ObjectDeserializer {
if (lexer.token() == JSONToken.LITERAL_INT) {
String val = lexer.numberString();
lexer.nextToken(JSONToken.COMMA);
if (val.length() > 65535) {
throw new JSONException("decimal overflow");
}
return (T) new BigInteger(val);
}
......
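Review bot: The message `"decimal overflow"` is thrown from the `LITERAL_INT` branch of an integer codec, which will mislead whoever reads the exception; the second TypeUtils hunk does the same just before `new BigInteger(strVal)`. JSONLexerBase already uses `"scanInteger overflow"` for the equivalent case, so `throw new JSONException("integer overflow, length " + val.length());` would be consistent and would tell an operator how large the rejected literal was. `lexer.nextToken(JSONToken.COMMA)` also runs before the check, so the lexer has already advanced when the exception is raised; if callers rely on the position for error reporting, the check belongs directly after `numberString()`. The method body continues outside the hunk.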
......@@ -324,6 +324,10 @@ public class TypeUtils{
if(value instanceof Map && ((Map) value).size() == 0){
return null;
}
if (strVal.length() > 65535) {
throw new JSONException("decimal overflow");
}
return new BigDecimal(strVal);
}
......@@ -350,6 +354,11 @@ public class TypeUtils{
|| "NULL".equals(strVal)){
return null;
}
if (strVal.length() > 65535) {
throw new JSONException("decimal overflow");
}
return new BigInteger(strVal);
}
......