Fix numeric overflow in JSON integral coercion and add tests

seethinajayadileep · seethinajayadileep · commit 5ad714bb2036 · 2026-03-05T13:23:07.000+05:30
diff --git a/java/src/org/openqa/selenium/json/JsonInput.java b/java/src/org/openqa/selenium/json/JsonInput.java
@@ -263,7 +263,7 @@ public Number nextNumber() {
         return Long.valueOf(builder.toString());
       }
 
-      return new BigDecimal(builder.toString());
+      return new BigDecimal(builder.toString()).doubleValue();
     } catch (NumberFormatException e) {
       throw new JsonException("Unable to parse to a number: " + builder + ". " + input, e);
     }
diff --git a/java/src/org/openqa/selenium/json/NumberCoercer.java b/java/src/org/openqa/selenium/json/NumberCoercer.java
@@ -88,7 +88,9 @@ public BiFunction<JsonInput, PropertySetting, T> apply(Type ignored) {
   }
 
   private static void validateIntegralRange(Number number, Class<?> stereotype) {
-    // Only for integral targets
+    // Prevent silent overflow when JSON numbers are coerced to integral types.
+    // Java's Number.intValue()/longValue() silently wraps values outside the
+    // valid range, which previously produced incorrect results instead of errors.
     if (!(stereotype == Byte.class
         || stereotype == Short.class
         || stereotype == Integer.class
@@ -98,7 +100,7 @@ private static void validateIntegralRange(Number number, Class<?> stereotype) {
 
     final BigInteger value;
     try {
-      // Parses "2147483648", "1e3", "1.0" safely; rejects "1.2"
+      // Use BigDecimal so we can reject fractional values and validate range before coercion.
       BigDecimal bd =
           (number instanceof BigDecimal) ? (BigDecimal) number : new BigDecimal(number.toString());
       value = bd.toBigIntegerExact();
diff --git a/java/test/org/openqa/selenium/json/JsonTest.java b/java/test/org/openqa/selenium/json/JsonTest.java
@@ -72,6 +72,26 @@ void canReadANumber() {
     assertThat((Double) new Json().toType("4.2e-1", Double.class)).isEqualTo(0.42);
   }
 
+  @Test
+  void shouldRejectIntegerOverflow() {
+    Json json = new Json();
+
+    assertThatExceptionOfType(JsonException.class)
+        .isThrownBy(() -> json.toType("2147483648", Integer.class))
+        .withMessageContaining("out of range")
+        .withMessageContaining("Integer");
+  }
+
+  @Test
+  void shouldRejectFractionalValueForInteger() {
+    Json json = new Json();
+
+    assertThatExceptionOfType(JsonException.class)
+        .isThrownBy(() -> json.toType("1.2", Integer.class))
+        .withMessageContaining("Expected an integer value")
+        .withMessageContaining("Integer");
+  }
+
   @Test
   void canRoundTripNumbers() {
     Map<String, Object> original = Map.of("options", Map.of("args", List.of(1L, "hello")));

Original file line number	Diff line number	Diff line change
`@@ -263,7 +263,7 @@ public Number nextNumber() {`
`263`	`263`	`return Long.valueOf(builder.toString());`
`264`	`264`	`}`
`265`	`265`
`266`		`- return new BigDecimal(builder.toString());`
	`266`	`+ return new BigDecimal(builder.toString()).doubleValue();`
`267`	`267`	`} catch (NumberFormatException e) {`
`268`	`268`	`throw new JsonException("Unable to parse to a number: " + builder + ". " + input, e);`
`269`	`269`	`}`