Fix infinite loop when parsing invalid regular expressions

JAVA-2228

Author: rozza

bson/src/main/org/bson/json/JsonBuffer.java

@@ -20,6 +20,7 @@ class JsonBuffer {
 
     private final String buffer;
     private int position;
+    private boolean eof;
 
     public JsonBuffer(final String buffer) {
         this.buffer = buffer;
@@ -34,10 +35,18 @@ public void setPosition(final int position) {
     }
 
     public int read() {
-        return (position >= buffer.length()) ? -1 : buffer.charAt(position++);
+        if (eof) {
+            throw new JsonParseException("Trying to read past EOF.");
+    } else if (position >= buffer.length()) {
+            eof = true;
+            return -1;
+        }  else {
+            return buffer.charAt(position++);
+        }
     }
 
     public void unread(final int c) {
+        eof = false;
         if (c != -1 && buffer.charAt(position - 1) == c) {
             position--;
         }

bson/src/main/org/bson/json/JsonScanner.java

@@ -134,6 +134,9 @@ private JsonToken scanRegularExpression() {
             switch (state) {
                 case IN_PATTERN:
                     switch (c) {
+                        case -1:
+                            state = RegularExpressionState.INVALID;
+                            break;
                         case '/':
                             state = RegularExpressionState.IN_OPTIONS;
                             options = buffer.getPosition();
@@ -174,6 +177,7 @@ private JsonToken scanRegularExpression() {
                     }
                     break;
                 default:
+                    break;
             }
 
             switch (state) {

bson/src/test/unit/org/bson/json/JsonBufferTest.java

@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2008-2014 MongoDB, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bson.json;
+
+import org.junit.Test;
+
+import static org.junit.Assert.assertEquals;
+
+public class JsonBufferTest {
+
+    @Test
+    public void testRead() {
+        JsonBuffer buffer = new JsonBuffer("ABC");
+        assertEquals('A', buffer.read());
+        assertEquals('B', buffer.read());
+        assertEquals('C', buffer.read());
+        assertEquals(-1, buffer.read());
+    }
+
+    @Test
+    public void testUnRead() {
+        JsonBuffer buffer = new JsonBuffer("A");
+        buffer.unread(buffer.read());
+        assertEquals('A', buffer.read());
+        assertEquals(-1, buffer.read());
+    }
+
+    @Test
+    public void testPosition() {
+        JsonBuffer buffer = new JsonBuffer("ABC");
+
+        buffer.setPosition(2);
+        assertEquals(2, buffer.getPosition());
+    }
+
+    @Test(expected = JsonParseException.class)
+    public void testEOFCheck() {
+        JsonBuffer buffer = new JsonBuffer("");
+
+        buffer.read();
+        buffer.read();
+    }
+}

bson/src/test/unit/org/bson/json/JsonReaderTest.java

@@ -590,7 +590,6 @@ public void testClosedState() {
         bsonReader.readBinaryData();
     }
 
-    //TODO Together with next text this is just an indicator that our behavior is not very correct.
     @Test(expected = JsonParseException.class)
     public void testEndOfFile0() {
         String json = "{";
@@ -600,13 +599,13 @@ public void testEndOfFile0() {
         bsonReader.readBsonType();
     }
 
-    @Test
+    @Test(expected = JsonParseException.class)
     public void testEndOfFile1() {
         String json = "{ test : ";
         bsonReader = new JsonReader(json);
         assertEquals(BsonType.DOCUMENT, bsonReader.readBsonType());
         bsonReader.readStartDocument();
-        assertEquals(BsonType.END_OF_DOCUMENT, bsonReader.readBsonType());
+        bsonReader.readBsonType();
     }
 
     @Test

bson/src/test/unit/org/bson/json/JsonScannerTest.java

@@ -31,7 +31,6 @@ public void testEndOfFile() {
         JsonToken token = scanner.nextToken();
         assertEquals(JsonTokenType.END_OF_FILE, token.getType());
         assertEquals("<eof>", token.getValue());
-        assertEquals(-1, buffer.read());
     }
 
     @Test
@@ -503,7 +502,15 @@ public void testInvalidRegularExpression() {
         String json = "\t /pattern/nsk,";
         JsonBuffer buffer = new JsonBuffer(json);
         JsonScanner scanner = new JsonScanner(buffer);
-        JsonToken token = scanner.nextToken();
+        scanner.nextToken();
+    }
+
+    @Test(expected = JsonParseException.class)
+    public void testInvalidRegularExpressionNoEnd() {
+        String json = "/b";
+        JsonBuffer buffer = new JsonBuffer(json);
+        JsonScanner scanner = new JsonScanner(buffer);
+        scanner.nextToken();
     }
 
     @Test(expected = JsonParseException.class)