Prevent NumberFormatException on ill-formed unicode escape

fmeum · fmeum · commit 14501749eb1a · 2021-03-09T08:04:18.000+01:00
diff --git a/klaxon/src/main/kotlin/com/beust/klaxon/Lexer.kt b/klaxon/src/main/kotlin/com/beust/klaxon/Lexer.kt
@@ -126,7 +126,11 @@ class Lexer(passedReader: Reader, val lenient: Boolean = false): Iterator<Token>
                                     throw KlaxonException("EOF reached in unicode char after: u$unicodeChar")
                                 }
 
-                                val intValue = java.lang.Integer.parseInt(unicodeChar.toString(), 16)
+                                val intValue = try {
+                                    java.lang.Integer.parseInt(unicodeChar.toString(), 16)
+                                } catch(e: NumberFormatException) {
+                                    throw KlaxonException("Failed to parse unicode char: u$unicodeChar")
+                                }
                                 currentValue.append(intValue.toChar())
                             }
                             else -> currentValue.append(c)
diff --git a/klaxon/src/test/kotlin/com/beust/klaxon/JazzerTest.kt b/klaxon/src/test/kotlin/com/beust/klaxon/JazzerTest.kt
@@ -32,4 +32,10 @@ class JazzerTest {
         val json = "\"\\u"
         Parser.default().parse(StringBuilder(json))
     }
+
+    @Test(expectedExceptions = [KlaxonException::class])
+    fun nonNumericUnicodeEscape() {
+        val json = "\"\\u\\\\{["
+        Parser.default().parse(StringBuilder(json))
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -126,7 +126,11 @@ class Lexer(passedReader: Reader, val lenient: Boolean = false): Iterator<Token>`
`126`	`126`	`throw KlaxonException("EOF reached in unicode char after: u$unicodeChar")`
`127`	`127`	`}`
`128`	`128`
`129`		`- val intValue = java.lang.Integer.parseInt(unicodeChar.toString(), 16)`
	`129`	`+ val intValue = try {`
	`130`	`+ java.lang.Integer.parseInt(unicodeChar.toString(), 16)`
	`131`	`+ } catch(e: NumberFormatException) {`
	`132`	`+ throw KlaxonException("Failed to parse unicode char: u$unicodeChar")`
	`133`	`+ }`
`130`	`134`	`currentValue.append(intValue.toChar())`
`131`	`135`	`}`
`132`	`136`	`else -> currentValue.append(c)`
Original file line number	Diff line number	Diff line change
`@@ -32,4 +32,10 @@ class JazzerTest {`
`32`	`32`	`val json = "\"\\u"`
`33`	`33`	`Parser.default().parse(StringBuilder(json))`
`34`	`34`	`}`
	`35`	`+`
	`36`	`+ @Test(expectedExceptions = [KlaxonException::class])`
	`37`	`+ fun nonNumericUnicodeEscape() {`
	`38`	`+ val json = "\"\\u\\\\{["`
	`39`	`+ Parser.default().parse(StringBuilder(json))`
	`40`	`+ }`
`35`	`41`	`}`