Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing json validation on parsing with intermediate JsonObject representation #2849

Open
kunyavskiy opened this issue Nov 6, 2024 · 2 comments
Open

Missing json validation on parsing with intermediate JsonObject representation #2849

kunyavskiy opened this issue Nov 6, 2024 · 2 comments
Assignees
@sandwwraith
Labels
bug

Comments

@kunyavskiy
Copy link

kunyavskiy commented Nov 6, 2024
edited
Loading

Describe the bug

Long values are not validated to be actual longs when parsed from JsonObject

To Reproduce

import kotlinx.serialization.json.*
import kotlinx.serialization.*

@Serializable
data class A(val a: Long)

fun main() {
    val str = """{"a":"12:34:45"}"""
    println(Json.decodeFromJsonElement<A>(Json.decodeFromString<JsonObject>(str)))
    println(Json.decodeFromString<A>(str))
}

Expected behavior

Both crash with SerializationException.
Actually first prints A(a=12), while second one crashes. Btw, the error message in the second one is really misleading.

Environment

  • Kotlin version: 2.0.20
  • Library version: 1.7.3
  • Kotlin platforms: JVM
@sandwwraith sandwwraith added the bug label Nov 6, 2024
@sandwwraith sandwwraith self-assigned this Nov 6, 2024
@sandwwraith
Copy link
Member

Another incorrect input for the same snippet: """{"a": "3 digit then random string"}"""
From #2656

@sandwwraith sandwwraith mentioned this issue Nov 6, 2024
Closed
@sandwwraith
Copy link
Member

Related issues with JsonLiteral: #2511 #2375 #1298

sandwwraith added a commit that referenced this issue Nov 8, 2024
@sandwwraith
Correctly parse invalid numbers in JsonLiteral.long and other extensions
6ea0d2c 
Content must be consumed fully, with no leftovers after number.
Also simplify try/catching logic — JsonLiteral.long should throw NumberFormatException, while decoding from JsonElement should throw JsonDecodingException

Fixes #2849
@sandwwraith sandwwraith mentioned this issue Nov 8, 2024
Merged
sandwwraith added a commit that referenced this issue Nov 19, 2024
@sandwwraith
Correctly parse invalid numbers in JsonLiteral.long and other extensi…
21c9e97 
…ons (#2852)

Content must be consumed fully, with no leftovers after number.
Also simplify try/catching logic — JsonLiteral.long should throw NumberFormatException, while decoding from JsonElement should throw JsonDecodingException

Fixes #2849
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sandwwraith sandwwraith

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kunyavskiy @sandwwraith