Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

YAMLParser throws unexpected NullPointerException in certain number parsing cases #445

Closed
arthurscchan opened this issue Dec 4, 2023 · 0 comments
Closed

YAMLParser throws unexpected NullPointerException in certain number parsing cases #445

arthurscchan opened this issue Dec 4, 2023 · 0 comments
Milestone
2.16.1

Comments

@arthurscchan
Copy link
Contributor

In YAMLParse::getNumberValueDeferred() / YAMLParse::_parseNumericValue() / YAMLParse::_parseIntValuev() methods, the lenght() method of the String object _cleanedTextValue is called. This could cause an unexpected NullPointerException when the previous steps make _cleanedTextValue become null with an invalid input value. To fix it, it is suggested to add a conditional check and report an error when _cleanedTextValue is null.

if (_cleanedTextValue.length() <= 18) {
    return getNumberValue();
}

We found this issue by OSS-Fuzz and it is reported in https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64662.
@arthurscchan arthurscchan mentioned this issue Dec 4, 2023
Merged
cowtowncoder pushed a commit that referenced this issue Dec 12, 2023
@arthurscchan
Fixes for issue #445: Wraps unexpected NullPointerException (#446)
1e6f01d
@cowtowncoder cowtowncoder added this to the 2.16.1 milestone Dec 12, 2023
@cowtowncoder cowtowncoder changed the title YAMLParser throws unexpected NullPointerException YAMLParser throws unexpected NullPointerException in certain number parsing cases Dec 12, 2023
cowtowncoder pushed a commit that referenced this issue Dec 12, 2023
@arthurscchan @cowtowncoder
Fixes for issue #445: Wraps unexpected NullPointerException (#446)
18108a4
cowtowncoder added a commit that referenced this issue Dec 12, 2023
@cowtowncoder
Update release notes wrt backport #445 fix
0b7087b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.16.1
Development

No branches or pull requests
2 participants
@cowtowncoder @arthurscchan