Skip to content

Unexpected NullPointerException in ProtobufParser.currentName() #460

New issue
New issue
Closed
Closed
Unexpected NullPointerException in ProtobufParser.currentName()#460
Labels
protobuf
Milestone
 
2.17.0
@arthurscchan

Description

@arthurscchan
arthurscchan
opened on Jan 17, 2024

In the ProtobufParser.currentName() method, there is an invocation of the ProtobufReadContext .getParent() method which could return a null value when the input is malformed and ended unexpectedly because there is no parent read context exists. If the result is null, the code will throw a NullPointerException in the next line when the ProtobufReadContext ::getCurrentName() method is called.

 @Override // since 2.17
    public String currentName() throws IOException
    {
        if (_currToken == JsonToken.START_OBJECT || _currToken == JsonToken.START_ARRAY) {
            ProtobufReadContext parent = _parsingContext.getParent();
            return parent.getCurrentName();
        }
        return _parsingContext.getCurrentName();
    }

The suggested fix is to add a null checking after the invocation of the ProtobufReadContext .getParent() method and throw an exception if the return value stored in parent is indeed null.

We found this issue by OSS-Fuzz and it is reported in https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65674.

Metadata

Metadata

Assignees

No one assigned

    Labels

    protobuf

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions