Fix missing bounds check for JsonTreeReader.getPath()
#2001
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There are situations where the
stack
of JsonTreeReader contains a JsonArray or JsonObject without a subsequent Iterator, for example after callingpeek()
ornextName()
.When
JsonTreeReader.getPath()
is called afterwards it therefore must not assume that a JsonArray or JsonObject is always followed by an Iterator.The only reason why this never caused an ArrayIndexOutOfBoundsException in the past is because the stack has an even default size (32) so it would just have read the next
null
.However, if the stack had for example the default size 31, a user created a JsonTreeReader for 16 JSON arrays nested inside each other, then called 15 times
beginArray()
, followed bypeek()
andgetPath()
the exception would occur.