Skip to content

fix(serialization): Replace redundant round-trip in JsonSerializer.Parse with Clone #8536

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 14, 2025
Merged

fix(serialization): Replace redundant round-trip in JsonSerializer.Parse with Clone #8536

merged 3 commits into from
Aug 14, 2025

Conversation

SindriFr
Copy link
Contributor

Summary of the changes (Less than 80 chars)

  • Improve performance of JsonSerializer.Parse
  • Avoid buffer overflow bug in System.Text.Json WriteTo for complex nested JSON objects

@SindriFr
fix(serialization): Replace redundant round-trip in JsonSerializer.Pa…
39ca7e8 
…rse with Clone

The JsonSerializer.Parse method was performing an unnecessary round-trip
serialization (JsonElement -> Utf8JsonWriter -> Utf8JsonReader -> JsonElement).

More critically, the WriteTo() operation triggered a buffer overflow bug in
System.Text.Json's WriteComplexElement when processing complex nested JSON objects larger
than Utf8JsonWriter's internal buffer of 4KB, leading to memory corruption and undefined behaviour.

Replace the round-trip with JsonElement.Clone() which:
- Preserves identical semantics
- Eliminates the buffer overflow risk entirely
- Improves performance by avoiding unnecessary serialization
- Maintains proper memory management for the cloned element
@CLAassistant
Copy link

CLAassistant commented Aug 14, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@SindriFr
Copy link
Contributor Author

SindriFr commented Aug 14, 2025
edited
Loading

The JsonSerializer.Parse method was performing an unnecessary round-trip serialization (JsonElement -> Utf8JsonWriter -> Utf8JsonReader -> JsonElement).

More critically, the WriteTo() operation triggered a buffer overflow bug in System.Text.Json's WriteComplexElement when processing complex nested JSON objects larger than Utf8JsonWriter's internal buffer of 4KB, leading to memory corruption and undefined behaviour.

Replace the round-trip with JsonElement.Clone() which:

  • Preserves identical semantics
  • Eliminates the buffer overflow risk entirely
  • Improves performance by avoiding unnecessary serialization
  • Maintains proper memory management for the cloned element

Sorry I didn't set up a bug report before opening the pull request, but reproducing this bug outside my application has been a challenge.
I hope the performance improvement and simplification is enough to warrant a merge.

@michaelstaib
Copy link
Member

@SindriFr thanks for the PR!

@michaelstaib michaelstaib merged commit f921856 into ChilliCream:main Aug 14, 2025
108 checks passed
@SindriFr SindriFr deleted the fix/unnecessary-json-serializer-round-trip branch August 14, 2025 17:15
@michaelstaib michaelstaib added the 🍒 cherry-pick Consider cherry-picking these changes into the previous major version. label Aug 27, 2025
@michaelstaib michaelstaib added this to the HC-15.1.9 milestone Aug 27, 2025
michaelstaib added a commit that referenced this pull request Aug 27, 2025
@michaelstaib
Fix replace redundant round-trip in JsonSerializer.Parse with Clone (#…
5bde53d 
…8536)
@dependabot dependabot bot mentioned this pull request Aug 27, 2025
Merged
@sunghwan2789 sunghwan2789 mentioned this pull request Aug 28, 2025
Closed
This was referenced Aug 28, 2025
Merged
Closed
Merged
Closed
Closed
Merged
Closed
Closed
Merged
Closed
This was referenced Sep 8, 2025
Closed
Closed
Closed
Closed
Open
This was referenced Sep 8, 2025
Open
Open
Open
Open
@dependabot dependabot bot mentioned this pull request Sep 22, 2025
Closed
This was referenced Sep 29, 2025
Closed
Closed
Closed
This was referenced Oct 6, 2025
Closed
Closed
Closed
Closed
Closed
Merged
Open
Open
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michaelstaib michaelstaib michaelstaib approved these changes

Assignees

No one assigned

Labels

🍒 cherry-pick Consider cherry-picking these changes into the previous major version. 🌶️ strawberry shake

Projects

None yet

Milestone

HC-15.1.9

Development

Successfully merging this pull request may close these issues.

3 participants

@SindriFr @CLAassistant @michaelstaib