Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid arguments passed to EachKey can cause a panic #177

Closed
floren opened this issue Oct 18, 2019 · 0 comments · Fixed by #190
Closed

Invalid arguments passed to EachKey can cause a panic #177

floren opened this issue Oct 18, 2019 · 0 comments · Fixed by #190

Comments

@floren
Copy link
Contributor

floren commented Oct 18, 2019

The following test will cause a panic:

func TestJsonLibrary(t *testing.T) {
		cb := func(idx int, val []byte, vt jsonparser.ValueType, err error) {
		}
		badval = []byte(`{"foo": [{"bar": "baz"}]}`)
		jsonparser.EachKey(badval, cb, []string{"foo", "["})
}

--- FAIL: TestJsonLibrary (0.00s)
panic: runtime error: slice bounds out of range [1:0] [recovered]
	panic: runtime error: slice bounds out of range [1:0]

goroutine 20 [running]:
testing.tRunner.func1(0xc000118200)
	/usr/local/go/src/testing/testing.go:874 +0x3a3
panic(0x768280, 0xc0000fa140)
	/usr/local/go/src/runtime/panic.go:679 +0x1b2
github.com/buger/jsonparser.EachKey(0xc0000fa120, 0x19, 0x19, 0x7adf40, 0xc00004cf48, 0x1, 0x1, 0x0)
	/home/john/go/pkg/mod/github.com/buger/jsonparser@v0.0.0-20191004114745-ee4c978eae7e/parser.go:492 +0x10af

I acknowledge that it is bad code, but I managed to trigger it via careless parsing on my end
WilliamHeaven added a commit to WilliamHeaven/jsonparser that referenced this issue Mar 10, 2020
@WilliamHeaven
fix buger#177&178,Add related testcases
0be1020
AllenX2018 added a commit to AllenX2018/jsonparser that referenced this issue Mar 13, 2020
@AllenX2018
fix issue buger#177 buger#178
40912fb
@AllenX2018 AllenX2018 mentioned this issue Mar 13, 2020
Merged
buger pushed a commit that referenced this issue Mar 21, 2020
@AllenX2018
fix issue #177 #178 (#190)
11fa7e4 
`Get()` and `EachKey()` will panic dealing with invalid parameters in some cases because of array out of bounds. This pr try to fix #177 and #178
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix issue #177 #178 AllenX2018/jsonparser
1 participant
@floren