Prevent infinite loop when a /* comment is not terminated

coheigea · dkulp · commit 1268b7558bad · 2022-09-22T12:18:12.000-04:00
diff --git a/src/main/java/org/codehaus/jettison/json/JSONTokener.java b/src/main/java/org/codehaus/jettison/json/JSONTokener.java
@@ -192,7 +192,6 @@ public char nextClean() throws JSONException {
                             if (next() == '/') {
                                 break;
                             }
-                            back();
                         }
                     }
                     break;
diff --git a/src/test/java/org/codehaus/jettison/json/JSONArrayTest.java b/src/test/java/org/codehaus/jettison/json/JSONArrayTest.java
@@ -43,6 +43,24 @@ public void testEscapingInArrayIsTrunedOff() throws JSONException {
       String expectedValue = "[\"a string with / character\",{\"key\":\"http://example.com/foo\"}]";
       assertEquals(expectedValue, array.toString());
     }
-    
-    
+
+    public void testInfiniteLoop() {
+        String str = "[*/*A25] **";
+        try {
+            new JSONArray(str);
+            fail("Failure expected on malformed JSON");
+        } catch (JSONException ex) {
+            // expected
+        }
+    }
+
+    public void testInfiniteLoop2() {
+        String str = "[/";
+        try {
+            new JSONArray(str);
+            fail("Failure expected on malformed JSON");
+        } catch (JSONException ex) {
+            // expected
+        }
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -192,7 +192,6 @@ public char nextClean() throws JSONException {`
`192`	`192`	`if (next() == '/') {`
`193`	`193`	`break;`
`194`	`194`	`}`
`195`		`- back();`
`196`	`195`	`}`
`197`	`196`	`}`
`198`	`197`	`break;`