Integer overflow when parsing JSON #75

frewsxcv · 2015-05-16T18:00:36Z

Code

#![feature(plugin)]
#![plugin(afl_coverage_plugin)]

extern crate afl_coverage;

extern crate serde;

use std::io::{self, Read, Cursor};

use serde::json::{self, Value};


fn main() {
    let mut input = String::new();
    let result = io::stdin().read_to_string(&mut input);
    if result.is_ok() {
        let _: Result<Value, _> = json::from_str(&input);
    }
}

Input

777777777777777777777777777

Crash

root@vultr:~/afl-staging-area2# cargo run < outputs/crashes/id\:000000\,sig\:04\,src\:000000\,op\:havoc\,rep\:16
     Running `target/debug/afl-staging-area2`
thread '<main>' panicked at 'arithmetic operation overflowed', /root/serde/src/json/de.rs:201
An unknown error occurred

To learn more, run the command again with --verbose.

This bug was found using https://github.com/kmcallister/afl.rs 👍

The text was updated successfully, but these errors were encountered:

erickt · 2015-05-19T05:39:49Z

Thanks for finding this!

Vendor deprecated/unstable traits from std::num

erickt closed this as completed in e6776ff May 19, 2015

frewsxcv mentioned this issue May 19, 2015

Integer overflow when parsing JSON scientific notation number #77

Closed

dtolnay added the bug label May 14, 2016

rubdos pushed a commit to rubdos/serde that referenced this issue Jun 20, 2017

Merge pull request serde-rs#75 from aturon/master

1579bf6

Vendor deprecated/unstable traits from std::num

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Integer overflow when parsing JSON #75

Integer overflow when parsing JSON #75

frewsxcv commented May 16, 2015

erickt commented May 19, 2015

Integer overflow when parsing JSON #75

Integer overflow when parsing JSON #75

Comments

frewsxcv commented May 16, 2015

Code

Input

Crash

erickt commented May 19, 2015