`ArrayIndexOutOfBoundsException` for specific invalid content, with Reader-based parser

(note: found by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61198)

Looks like there is a case where, if:

1. `JsonParser` configured to accept non-standard leading plus sign (`JsonReadFeature.ALLOW_LEADING_PLUS_SIGN_FOR_NUMBERS`)
2. Content is read using character-based parser (`ReaderBasedJsonParser`)
3. Some boundary condition is reached (can emulate with 1-char-at-a-time Reader)
4. Call is made to `JsonParser.getNumberType()` (or possibly other number accessors)

there's an AIOOBE with stack trace like:

```
 	 at com.fasterxml.jackson.core.io.NumberInput.parseInt(NumberInput.java:55)
	 at com.fasterxml.jackson.core.util.TextBuffer.contentsAsInt(TextBuffer.java:631)
	 at com.fasterxml.jackson.core.base.ParserBase._parseNumericValue(ParserBase.java:891)
	 at com.fasterxml.jackson.core.base.ParserBase.getNumberType(ParserBase.java:735)
```


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

`ArrayIndexOutOfBoundsException` for specific invalid content, with Reader-based parser #1169

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

ArrayIndexOutOfBoundsException for specific invalid content, with Reader-based parser #1169

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

`ArrayIndexOutOfBoundsException` for specific invalid content, with Reader-based parser #1169