Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

json parser crash if having a large number integer in message #1602

Closed
alexhhj opened this issue May 17, 2019 · 4 comments
Closed

json parser crash if having a large number integer in message #1602

alexhhj opened this issue May 17, 2019 · 4 comments
Labels
kind: bug

Comments

@alexhhj
Copy link

alexhhj commented May 17, 2019
edited
Loading

  • What is the issue you have?

  • Please describe the steps to reproduce the issue. Can you provide a small but working code example?
    I have a test case running on this json library .
    The message is as below
    {
    "testList": [
    {
    "id": "160013002243",
    "customerNumber": 111000000000000000009999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999999977777777777777777777777777777777777774444444444444444444444444444444444444444444444444499999999999999999999999999444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444,
    "name": "Alex Test for Json",
    },
    ]
    }
    Then the json parser crashes even with try-catch in C++.

It could work well if the "customer Number" is string type with "".

I am running on a Linux system on am335x.

Linux version 4.4.19 (jenkins@imvisionfw) (gcc version 5.2.0 (crosstool-NG crosstool-ng-1.22.0) ) #1 PREEMPT Thu May 16 04:11:13 CDT 2019

JSON for Modern C++ version is 3.5.0
@gregmarr
Copy link
Contributor

gregmarr commented May 17, 2019
edited
Loading

It's probably throwing an out of range exception from the parser. How are you catching exceptions?

@alexhhj
Copy link
Author

alexhhj commented May 17, 2019
edited
Loading 

                        try 
			{  
				//valid_json = true;
				json::parse(request_post);
			}
			catch (json::parse_error& e)
			{
				//valid_json = false;
			printf("load JSON error %s %d message %s  n", __FUNCTION__, __LINE__, e.what());
				
			}

Just try and catch . But no error report just crash

@nickaein
Copy link
Contributor

For out of range numbers, exception nlohmann::json::out_of_range will be thrown.

When in doubt, catch the base class nlohmann::json::exception to make sure you no exception can escape:

try 
{  
    json::parse(request_post);
}
catch (json::parse_error& e)
{
    std::cout << "Parse error:" << e.what() << std::endl;
}
catch (json::out_of_range& e)
{
    std::cout << "Out of range:" << e.what() << std::endl;
}
catch (json::exception& e)
{
    std::cout << "JSON exception: " << e.what() << std::endl;
}
// not really needed 
catch (std::exception& e)
{
    std::cout << "Unknown exception" << e.what() << std::endl;   
}

Note: The std::exception block is not needed since all library exceptions are derived from json::exception. If in some case the library throws std::exception, I believe it is considered as a bug.

@alexhhj
Copy link
Author

alexhhj commented May 17, 2019

Thanks

@alexhhj alexhhj closed this as completed May 17, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind: bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nickaein @gregmarr @alexhhj