From 2add4436ddbf35505f80cf1c7ab68221902884f1 Mon Sep 17 00:00:00 2001
From: Julien Viet <julien@julienviet.com>
Date: Wed, 29 Jan 2020 00:42:06 +0100
Subject: [PATCH] Parsing a JSON value should fail when there is extra content
 in the parsed input - see #3260

---
 .../vertx/core/json/jackson/DatabindCodec.java   |  6 ++++++
 .../io/vertx/core/json/jackson/JacksonCodec.java | 11 +++++++++--
 .../java/io/vertx/core/json/JsonCodecTest.java   | 16 ++++++++--------
 3 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/src/main/java/io/vertx/core/json/jackson/DatabindCodec.java b/src/main/java/io/vertx/core/json/jackson/DatabindCodec.java
index 179fd193e..41d2691e8 100644
--- a/src/main/java/io/vertx/core/json/jackson/DatabindCodec.java
+++ b/src/main/java/io/vertx/core/json/jackson/DatabindCodec.java
@@ -12,6 +12,7 @@
 package io.vertx.core.json.jackson;
 
 import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonToken;
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.SerializationFeature;
@@ -129,13 +130,18 @@ public class DatabindCodec extends JacksonCodec {
 
   public static <T> T fromParser(JsonParser parser, Class<T> type) throws DecodeException {
     T value;
+    JsonToken remaining;
     try {
       value = DatabindCodec.mapper.readValue(parser, type);
+      remaining = parser.nextToken();
     } catch (Exception e) {
       throw new DecodeException("Failed to decode:" + e.getMessage(), e);
     } finally {
       close(parser);
     }
+    if (remaining != null) {
+      throw new DecodeException("Unexpected trailing token");
+    }
     if (type == Object.class) {
       value = (T) adapt(value);
     }
diff --git a/src/main/java/io/vertx/core/json/jackson/JacksonCodec.java b/src/main/java/io/vertx/core/json/jackson/JacksonCodec.java
index 19422e8af..ab2723bb3 100644
--- a/src/main/java/io/vertx/core/json/jackson/JacksonCodec.java
+++ b/src/main/java/io/vertx/core/json/jackson/JacksonCodec.java
@@ -14,6 +14,7 @@ package io.vertx.core.json.jackson;
 import com.fasterxml.jackson.core.JsonFactory;
 import com.fasterxml.jackson.core.JsonGenerator;
 import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.JsonToken;
 import com.fasterxml.jackson.core.JsonTokenId;
 import com.fasterxml.jackson.core.type.TypeReference;
 import io.netty.buffer.ByteBuf;
@@ -165,15 +166,21 @@ public class JacksonCodec implements JsonCodec {
   }
 
   public static <T> T fromParser(JsonParser parser, Class<T> type) throws DecodeException {
+    Object res;
+    JsonToken remaining;
     try {
       parser.nextToken();
-      Object res = parseAny(parser);
-      return cast(res, type);
+      res = parseAny(parser);
+      remaining = parser.nextToken();
     } catch (IOException e) {
       throw new DecodeException(e.getMessage(), e);
     } finally {
       close(parser);
     }
+    if (remaining != null) {
+      throw new DecodeException("Unexpected trailing token");
+    }
+    return cast(res, type);
   }
 
   private static Object parseAny(JsonParser parser) throws IOException, DecodeException {
diff --git a/src/test/java/io/vertx/core/json/JsonCodecTest.java b/src/test/java/io/vertx/core/json/JsonCodecTest.java
index c9b268935..8ae79a883 100644
--- a/src/test/java/io/vertx/core/json/JsonCodecTest.java
+++ b/src/test/java/io/vertx/core/json/JsonCodecTest.java
@@ -290,7 +290,7 @@ public class JsonCodecTest {
         "  line comment this time inside the JSON object itself\n" +
         "*/\n" +
         "}";
-    JsonObject json = new JsonObject(jsonWithComments);
+    JsonObject json = new JsonObject(mapper.fromString(jsonWithComments, Map.class));
     assertEquals("{\"foo\":\"bar\"}", mapper.toString(json));
   }
 
@@ -311,20 +311,20 @@ public class JsonCodecTest {
         "  line comment this time inside the JSON array itself\n" +
         "*/\n" +
         "]";
-    JsonArray json = new JsonArray(jsonWithComments);
+    JsonArray json = new JsonArray(mapper.fromString(jsonWithComments, List.class));
     assertEquals("[\"foo\",\"bar\"]", mapper.toString(json));
   }
 
   @Test
   public void testDecodeJsonObjectWithInvalidJson() {
-    for (String test : new String[] { "null", "3", "\"3", "qiwjdoiqwjdiqwjd" }) {
+    for (String test : new String[] { "3", "\"3", "qiwjdoiqwjdiqwjd", "{\"foo\":1},{\"bar\":2}", "{\"foo\":1} 1234" }) {
       try {
-        new JsonObject(test);
+        mapper.fromString(test, Map.class);
         fail();
       } catch (DecodeException ignore) {
       }
       try {
-        new JsonObject(Buffer.buffer(test));
+        mapper.fromBuffer(Buffer.buffer(test), Map.class);
         fail();
       } catch (DecodeException ignore) {
       }
@@ -333,14 +333,14 @@ public class JsonCodecTest {
 
   @Test
   public void testDecodeJsonArrayWithInvalidJson() {
-    for (String test : new String[] { "null", "3", "\"3", "qiwjdoiqwjdiqwjd" }) {
+    for (String test : new String[] { "3", "\"3", "qiwjdoiqwjdiqwjd", "[1],[2]", "[] 1234" }) {
       try {
-        new JsonArray(test);
+        mapper.fromString(test, List.class);
         fail();
       } catch (DecodeException ignore) {
       }
       try {
-        new JsonArray(Buffer.buffer(test));
+        mapper.fromBuffer(Buffer.buffer(test), List.class);
         fail();
       } catch (DecodeException ignore) {
       }