From db12a6571842887d5a4c83f1a0b45b5f3514ba43 Mon Sep 17 00:00:00 2001
From: Tatu Saloranta
Date: Sat, 16 Dec 2023 14:38:56 -0800
Subject: [PATCH] Further checking for `SmileGenerator.writeNumber(String)` to avoid problems

---
 .../dataformat/smile/SmileGenerator.java | 38 +++++++++++++++----
 1 file changed, 31 insertions(+), 7 deletions(-)

diff --git a/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileGenerator.java b/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileGenerator.java
index 6be5f1191..771406e93 100644
--- a/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileGenerator.java
+++ b/smile/src/main/java/com/fasterxml/jackson/dataformat/smile/SmileGenerator.java
@@ -1789,6 +1789,8 @@ public void writeNumber(String encodedValue) throws IOException
 protected void _writeIntegralNumber(String enc, boolean neg) throws IOException
 {
 int len = enc.length();
+ // 16-Dec-2023, tatu: Guard against too-big numbers
+ _streamReadConstraints().validateIntegerLength(len);
 if (neg) {
 --len;
 }
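Review bot: `validateIntegerLength(len)` runs before the `if (neg) { --len; }` adjustment, so for a negative value the sign character is counted toward the digit limit. A negative number with exactly the maximum number of digits would then be rejected while the same positive number passes. Moving the call below the `if (neg)` block, so that it sees the digit count, would make the two cases agree; if counting the sign is intended, a short comment saying so would help. The body of `_writeIntegralNumber` continues past the end of this hunk.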
@@ -1806,18 +1808,23 @@ protected void _writeIntegralNumber(String enc, boolean neg) throws IOException
 }
 return;
 } catch (NumberFormatException e) { }
- throw new JsonGenerationException("Invalid String representation for Number ('"+enc
- +"'); can not write using Smile format", this);
+ _reportError("Invalid String representation for Number ('"+enc
+ +"'); can not write using Smile format");
 }
 
 protected void _writeDecimalNumber(String enc) throws IOException
 {
- try {
- writeNumber(NumberInput.parseBigDecimal(enc, false));
- } catch (NumberFormatException e) {
- throw new JsonGenerationException("Invalid String representation for Number ('"+enc
- +"'); can not write using Smile format", this);
+ // 16-Dec-2023, tatu: Guard against too-big numbers
+ _streamReadConstraints().validateFPLength(enc.length());
+ // ... and check basic validity too
+ if (NumberInput.looksLikeValidNumber(enc)) {
+ try {
+ writeNumber(NumberInput.parseBigDecimal(enc, false));
+ return;
+ } catch (NumberFormatException e) { }
 }
+ _reportError("Invalid String representation for Number ('"+enc
+ +"'); can not write using Smile format");
 }
 
 /*
@@ -2763,4 +2770,21 @@ protected long outputOffset() {
 protected UnsupportedOperationException _notSupported() {
 return new UnsupportedOperationException();
 }
+
+ /*
+ /**********************************************************
+ /* Internal methods, misc other
+ /**********************************************************
+ */
+
+ /**
+ * We need access to some reader-side constraints for safety-check within
+ * number decoding for {@linl #writeNumber(String)}: for now we need to
+ * rely on global defaults; should be ok for basic safeguarding.
+ *
+ * @since 2.17
+ */
+ protected StreamReadConstraints _streamReadConstraints() {
+ return StreamReadConstraints.defaults();
+ }
 }
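Review bot: The empty `catch (NumberFormatException e) { }` in the new `_writeDecimalNumber` silently discards the parse failure, and nothing says that falling through to `_reportError` is intended. A one-line comment would make that explicit, e.g. `} catch (NumberFormatException e) { /* fall through to _reportError below */ }`; the same pattern appears in the context lines of `_writeIntegralNumber`. The length guard and the format check may also surface as different exception types (`validateFPLength` is not shown here, so this is inferred), which is worth stating in the method's Javadoc for callers that catch only the generation exception. The diffstat lists only this file, so a regression test for an over-long and a malformed input would be a useful addition.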
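Review bot: The Javadoc tag `{@linl #writeNumber(String)}` on `_streamReadConstraints()` is misspelled, so the reference will not render as a link; it should read `{@link #writeNumber(String)}`. Because the method returns `StreamReadConstraints.defaults()`, limits configured on an individual factory are not applied to `writeNumber(String)`. The comment already says global defaults are used; it would help to add a sentence that subclasses may override this `protected` method to supply their own limits.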