Fix a out of bounds exception (#640) when writing to the outBuf (PR #642)

sugmanue · web-flow · commit eed725b39f5c · 2025-12-19T13:47:02.000-08:00
diff --git a/cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORParser.java b/cbor/src/main/java/com/fasterxml/jackson/dataformat/cbor/CBORParser.java
@@ -2528,7 +2528,7 @@ private final int _finishLongTextAscii(int len) throws IOException
         int outPtr = 0;
         while (len > 0) {
             // load as much input as possible
-            int size = Math.min(len, Math.min(outBuf.length, input.length));
+            int size = Math.min(len, Math.min((outBuf.length - outPtr), input.length));
             if (!_tryToLoadToHaveAtLeast(size)) {
                 return len;
             }
diff --git a/cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/parse/ParseLongAsciiTextTest.java b/cbor/src/test/java/com/fasterxml/jackson/dataformat/cbor/parse/ParseLongAsciiTextTest.java
@@ -17,19 +17,27 @@ public class ParseLongAsciiTextTest extends CBORTestBase
 
     @Test
     public void testLongNonChunkedAsciiText() throws Exception {
-        try (CBORParser p = CBOR_F.createParser(this.getClass().getResourceAsStream("/data/macbeth-snippet-non-chunked.cbor"))) {
-            assertEquals(JsonToken.VALUE_STRING, p.nextToken());
-            String expected = new String(readResource("/data/macbeth-snippet.txt"), "UTF-8");
-            assertEquals(expected, p.getText());
+        // run several times to allow the internal buffers
+        // to grow
+        for (int x = 0; x < 3 ; x++) {
+            try (CBORParser p = CBOR_F.createParser(this.getClass().getResourceAsStream("/data/macbeth-snippet-non-chunked.cbor"))) {
+                assertEquals(JsonToken.VALUE_STRING, p.nextToken());
+                String expected = new String(readResource("/data/macbeth-snippet.txt"), "UTF-8");
+                assertEquals(expected, p.getText());
+            }
         }
     }
 
     @Test
     public void testLongChunkedAsciiText() throws Exception {
-        try (CBORParser p = CBOR_F.createParser(this.getClass().getResourceAsStream("/data/macbeth-snippet-chunked.cbor"))) {
-            assertEquals(JsonToken.VALUE_STRING, p.nextToken());
-            String expected = new String(readResource("/data/macbeth-snippet.txt"), StandardCharsets.UTF_8);
-            assertEquals(expected, p.getText());
+        // run several times to allow the internal buffers
+        // to grow
+        for (int x = 0; x < 3 ; x++) {
+            try (CBORParser p = CBOR_F.createParser(this.getClass().getResourceAsStream("/data/macbeth-snippet-chunked.cbor"))) {
+                assertEquals(JsonToken.VALUE_STRING, p.nextToken());
+                String expected = new String(readResource("/data/macbeth-snippet.txt"), StandardCharsets.UTF_8);
+                assertEquals(expected, p.getText());
+            }
         }
     }
 }
diff --git a/cbor/src/test/resources/data/macbeth-snippet-chunked.cbor b/cbor/src/test/resources/data/macbeth-snippet-chunked.cbor
@@ -1,4 +1,5 @@
-y�---
+y�The Tragedy of Macbeth, often shortened to Macbeth, is a tragedy by William Shakespeare, estimated to have been first performed in 1606
+---
 Act I, Scene  
 
 A desert place.
@@ -117,11 +118,11 @@ First Witch. Where hast thou been, sister?
 Second Witch. Killing swine.
 Third Witch. Sister, where thou? 
 First Witch. A sailor's wife had chestnuts in her lap,
-And munch'd, and munch'd, and munch'd:-
+And munch'd, and munch'd, any�d munch'd:-
 'Give me,' quoth I:
 'Aroint thee, witch!' the rump-fed ronyon cries.
 Her husband's to Aleppo gone, master o' the Tiger: 
-Buty� in a sieve I'll thither sail,
+But in a sieve I'll thither sail,
 And, like a rat without a tail,
 I'll do, I'll do, and I'll do.
 Second Witch. I'll give thee a wind.
@@ -223,12 +224,13 @@ Nothing afeard of what thyself didst make,
 Strange images of death. As thick as hail
 Came post with post; and every one did bear
 Thy praises in his kingdom's great defence,
-And pour'd them down before him.
+And pour'd them down before himy
+f.
 Angus. We are sent 
 To give thee from our royal master thanks;
 Only to herald thee into his sight,
 Not pay thee.
-Ross. And, for an eary	�nest of a greater honour,
+Ross. And, for an earnest of a greater honour,
 He bade me, from him, call thee thane of Cawdor: 
 In which addition, hail, most worthy thane!
 For it is thine.
diff --git a/cbor/src/test/resources/data/macbeth-snippet-non-chunked.cbor b/cbor/src/test/resources/data/macbeth-snippet-non-chunked.cbor
@@ -1,4 +1,5 @@
-y)---
+y)�The Tragedy of Macbeth, often shortened to Macbeth, is a tragedy by William Shakespeare, estimated to have been first performed in 1606
+---
 Act I, Scene  
 
 A desert place.
diff --git a/cbor/src/test/resources/data/macbeth-snippet.txt b/cbor/src/test/resources/data/macbeth-snippet.txt
@@ -1,3 +1,4 @@
+The Tragedy of Macbeth, often shortened to Macbeth, is a tragedy by William Shakespeare, estimated to have been first performed in 1606
 ---
 Act I, Scene  
 

Original file line number	Diff line number	Diff line change
`@@ -2528,7 +2528,7 @@ private final int _finishLongTextAscii(int len) throws IOException`
`2528`	`2528`	`int outPtr = 0;`
`2529`	`2529`	`while (len > 0) {`
`2530`	`2530`	`// load as much input as possible`
`2531`		`- int size = Math.min(len, Math.min(outBuf.length, input.length));`
	`2531`	`+ int size = Math.min(len, Math.min((outBuf.length - outPtr), input.length));`
`2532`	`2532`	`if (!_tryToLoadToHaveAtLeast(size)) {`
`2533`	`2533`	`return len;`
`2534`	`2534`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
	`1`	`+The Tragedy of Macbeth, often shortened to Macbeth, is a tragedy by William Shakespeare, estimated to have been first performed in 1606`
`1`	`2`	`---`
`2`	`3`	`Act I, Scene`
`3`	`4`