Reproduce issue #435 (from OSS-Fuzz)

cowtowncoder · cowtowncoder · commit 7d79f81af990 · 2023-10-12T20:26:15.000-07:00
diff --git a/yaml/src/main/java/com/fasterxml/jackson/dataformat/yaml/YAMLParser.java b/yaml/src/main/java/com/fasterxml/jackson/dataformat/yaml/YAMLParser.java
@@ -699,6 +699,7 @@ protected JsonToken _decodeNumberScalar(String value, final int len)
         if (len == i) { // should not occur but play it safe
             return null;
         }
+
         // Next: either "0" ("-0" and "+0" also accepted), or non-decimal. So:
         if (value.charAt(i) == '0') {
             if (++i == len) {
diff --git a/yaml/src/test/java/com/fasterxml/jackson/dataformat/yaml/deser/FuzzYAMLReadTest.java b/yaml/src/test/java/com/fasterxml/jackson/dataformat/yaml/deser/FuzzYAMLReadTest.java
@@ -41,21 +41,21 @@ public void testTagDecoding50339() throws Exception
     }
 
     // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50407
-    public void testNumberdecoding50407() throws Exception
+    public void testNumberDecoding50407() throws Exception
     {
         // int, octal
-        _testNumberdecoding50407("- !!int 0111-");
-        _testNumberdecoding50407("- !!int 01 11");
-        _testNumberdecoding50407("- !!int 01245zf");
+        _testNumberDecoding50407("- !!int 0111-");
+        _testNumberDecoding50407("- !!int 01 11");
+        _testNumberDecoding50407("- !!int 01245zf");
         // long, octal
-        _testNumberdecoding50407("- !!int 0123456789012345-");
-        _testNumberdecoding50407("- !!int 01234567   890123");
-        _testNumberdecoding50407("- !!int 0123456789012ab34");
+        _testNumberDecoding50407("- !!int 0123456789012345-");
+        _testNumberDecoding50407("- !!int 01234567   890123");
+        _testNumberDecoding50407("- !!int 0123456789012ab34");
         // BigInteger, octal
-        _testNumberdecoding50407("-       !!int       0111                -        -");
+        _testNumberDecoding50407("-       !!int       0111                -        -");
     }
 
-    private void _testNumberdecoding50407(String doc) {
+    private void _testNumberDecoding50407(String doc) {
         try {
             YAML_MAPPER.readTree(doc);
             fail("Should not pass");
@@ -65,12 +65,23 @@ private void _testNumberdecoding50407(String doc) {
     }
 
     // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50407
-    public void testNumberdecoding50052() throws Exception
+    public void testNumberDecoding50052() throws Exception
     {
         // 17-Sep-2022, tatu: Could produce an exception but for now type
         //    tag basically ignored, returned as empty String otken
         JsonNode n = YAML_MAPPER.readTree("!!int");
         assertEquals(JsonToken.VALUE_STRING, n.asToken());
         assertEquals("", n.textValue());
     }
+
+    // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61823
+    public void testNumberDecoding61823() throws Exception
+    {
+        try {
+            YAML_MAPPER.readTree("!!int _ ");
+            fail("Should not pass");
+        } catch (JacksonException e) {
+            verifyException(e, "Invalid base-");
+        }
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -699,6 +699,7 @@ protected JsonToken _decodeNumberScalar(String value, final int len)`
`699`	`699`	`if (len == i) { // should not occur but play it safe`
`700`	`700`	`return null;`
`701`	`701`	`}`
	`702`	`+`
`702`	`703`	`// Next: either "0" ("-0" and "+0" also accepted), or non-decimal. So:`
`703`	`704`	`if (value.charAt(i) == '0') {`
`704`	`705`	`if (++i == len) {`