Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Integer overflow when parsing JSON scientific notation number #77

Closed
frewsxcv opened this issue May 19, 2015 · 0 comments
Closed

Integer overflow when parsing JSON scientific notation number #77

frewsxcv opened this issue May 19, 2015 · 0 comments
Labels
bug

Comments

@frewsxcv
Copy link
Contributor

This is a different issue from #75

Code

#![feature(plugin)]
#![plugin(afl_coverage_plugin)]

extern crate afl_coverage;

extern crate serde;

use std::io::{self, Read, Cursor};

use serde::json::{self, Value};


fn main() {
    let mut input = String::new();
    let result = io::stdin().read_to_string(&mut input);
    if result.is_ok() {
        if let Ok(j) = json::from_str::<json::Value>(&input) {
            let _ = json::to_string(&j);
        }
    }
}

Input

[7E-7777777777]

Crash

root@vultr:~/afl-staging-area2# cargo run < outputs/crashes/id\:000008*
     Running `target/debug/afl-staging-area2`
thread '<main>' panicked at 'arithmetic operation overflowed', /root/serde/serde/src/json/de.rs:270
An unknown error occurred

To learn more, run the command again with --verbose.

This bug was found using https://github.com/kmcallister/afl.rs 👍
@erickt erickt closed this as completed in 745a95b Jun 8, 2015
erickt added a commit that referenced this issue Jun 8, 2015
@erickt
Merge pull request #80 from ProtectedMode/master
7dc1a64 
Fix #77, integer overflow when parsing JSON scientific notation number.
@dtolnay dtolnay added the bug label May 14, 2016
rubdos pushed a commit to rubdos/serde that referenced this issue Jun 20, 2017
@alexcrichton
Merge pull request serde-rs#77 from andersk/complex-neg
80b6f92 
Require Neg for Complex conj and inv
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Milestone
No milestone
Development

No branches or pull requests
2 participants
@frewsxcv @dtolnay