Issue 1182: Fix fuzzing bug (open-source-parsers#1183)
This patch fixes a fuzzing bug by resolving a bad fallthrough in the
setComment logic.

The result is that we get a proper error instead of an assert, making
the library friendlier to use and less likely to cause issues for
consumers.

See related Chromium project bug:
https://bugs.chromium.org/p/chromium/issues/detail?id=989851

Issue: 1182
baylesj authored May 31, 2020
1 parent 6aba23f commit 9be5895
Showing 2 changed files with 6 additions and 2 deletions.
7 changes: 5 additions & 2 deletions src/lib_json/json_reader.cpp
Expand Up @@ -1175,8 +1175,11 @@ bool OurReader::readToken(Token& token) {
if (features_.allowSingleQuotes_) {
token.type_ = tokenString;
ok = readStringSingleQuote();
break;
} // else fall through
} else {
// If we don't allow single quotes, this is a failure case.
ok = false;
}
break;
case '/':
token.type_ = tokenComment;
ok = readComment();
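Review bot: the new `} else {` branch sets only `ok = false` and leaves `token.type_` at whatever value it held before the switch, whereas the sibling branches (`token.type_ = tokenString;`, `token.type_ = tokenComment;`) assign the type before `ok`. Please confirm the caller acts on `ok == false` without reading `token.type_`, or assign a type explicitly in the failure branch so the token is never returned half-initialised. Replacing the old `} // else fall through` with an explicit `else` plus a single `break;` after the if/else is the right shape: with single quotes disallowed, control previously continued into `case '/':` and called `readComment()` on a quote character, which is the fall-through the commit message describes.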
1 change: 1 addition & 0 deletions test/data/fail_invalid_quote.json
@@ -0,0 +1 @@
{'//this is bad JSON.'}
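Review bot: the fixture `{'//this is bad JSON.'}` only exercises the configuration where `features_.allowSingleQuotes_` is false (the path that used to fall through into the comment case); a comment in the test list, or a sibling fixture, should record that the leading `'//` is deliberate, since a later clean-up that shortens the input to a plain `{'a'}` would still fail to parse but would no longer cover the regression. It would also be worth a companion check with single quotes enabled to confirm that `readStringSingleQuote()` still handles this input as a string and not as a comment.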
