Skip to content

Commit f0f7626

Browse files
author
zhourenjian
committed
Fixed bug in serializing string with characters outside 0x20-0x7e
Deserializing will return silently when given string is in bad format.
1 parent 52e7e59 commit f0f7626

File tree

1 file changed

+13
-1
lines changed

1 file changed

+13
-1
lines changed

sources/net.sf.j2s.ajax/ajaxrpc/net/sf/j2s/ajax/SimpleSerializable.java

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -390,7 +390,7 @@ private void serializeLength(StringBuffer buffer, int length) {
390390
buffer[buffer.length] = 's';
391391
buffer[buffer.length] = String.fromCharCode (baseChar - 1);
392392
} else {
393-
var normal = /^[\u0000-\u00ff]*$/.test(s);
393+
var normal = /^[\r\n\t\u0020-\u007e]*$/.test(s);
394394
if (normal) {
395395
buffer[buffer.length] = 's';
396396
} else {
@@ -459,6 +459,7 @@ private void serializeString(StringBuffer buffer, String s) throws UnsupportedEn
459459
while (index < length) {
460460
var c1 = str.charCodeAt (index++);
461461
var l1 = c1 - baseChar;
462+
if (l1 < 0) return;
462463
var fieldName = str.substring (index, index + l1);
463464
index += l1;
464465
var c2 = str.charAt (index++);
@@ -476,6 +477,7 @@ private void serializeString(StringBuffer buffer, String s) throws UnsupportedEn
476477
if (l2 == -2) {
477478
var c4 = str.charCodeAt(index++);
478479
var l3 = c4 - baseChar;
480+
if (l3 < 0) return;
479481
l2 = parseInt(str.substring(index, index + l3));
480482
if (l2 > 0x4000) { // 16 * 1024
481483
throw new RuntimeException("Array size reaches the limit of Java2Script Simple RPC!");
@@ -502,7 +504,9 @@ private void serializeString(StringBuffer buffer, String s) throws UnsupportedEn
502504
} else if (l3 == -2) {
503505
var c6 = str.charCodeAt (index++);
504506
var l4 = c6 - baseChar;
507+
if (l4 < 0) return;
505508
var l5 = parseInt (str.substring( index, index + l4));
509+
if (l5 < 0) return;
506510
index += l4;
507511
s = str.substring (index, index + l5);
508512
index += l5;
@@ -538,7 +542,9 @@ private void serializeString(StringBuffer buffer, String s) throws UnsupportedEn
538542
} else if (l2 == -2) {
539543
var c4 = str.charCodeAt(index++);
540544
var l3 = c4 - baseChar;
545+
if (l3 < 0) return;
541546
var l4 = parseInt(str.substring(index, index + l3));
547+
if (l4 < 0) return;
542548
index += l3;
543549
s = str.substring(index, index + l4);
544550
index += l4;
@@ -599,6 +605,7 @@ public void deserialize(String str) {
599605
while (index < length) {
600606
char c1 = str.charAt(index++);
601607
int l1 = c1 - baseChar;
608+
if (l1 < 0) return;
602609
String fieldName = str.substring(index, index + l1);
603610
index += l1;
604611
char c2 = str.charAt(index++);
@@ -617,6 +624,7 @@ public void deserialize(String str) {
617624
if (l2 == -2) {
618625
char c4 = str.charAt(index++);
619626
int l3 = c4 - baseChar;
627+
if (l3 < 0) return;
620628
l2 = Integer.parseInt(str.substring(index, index + l3));
621629
if (l2 > 0x4000) { // 16 * 1024
622630
/*
@@ -645,7 +653,9 @@ public void deserialize(String str) {
645653
} else if (l3 == -2) {
646654
char c6 = str.charAt(index++);
647655
int l4 = c6 - baseChar;
656+
if (l4 < 0) return;
648657
int l5 = Integer.parseInt(str.substring(index, index + l4));
658+
if (l5 < 0) return;
649659
index += l4;
650660
ss[i] = str.substring(index, index + l5);
651661
index += l5;
@@ -761,7 +771,9 @@ public void deserialize(String str) {
761771
} else if (l2 == -2) {
762772
char c4 = str.charAt(index++);
763773
int l3 = c4 - baseChar;
774+
if (l3 < 0) return;
764775
int l4 = Integer.parseInt(str.substring(index, index + l3));
776+
if (l4 < 0) return;
765777
index += l3;
766778
s = str.substring(index, index + l4);
767779
index += l4;

0 commit comments

Comments
 (0)