Fix #497 wrt TOML too (last one) (#572)

Author: cowtowncoder

release-notes/VERSION-2.x

@@ -16,9 +16,9 @@ Active Maintainers:
 
 (not yet released)
 
-#497: (csv, yaml): `UTF8Reader` throws "Need to move partially decoded character;
+#497: (csv, toml, yaml): `UTF8Reader` throws "Need to move partially decoded character;
   buffer not modifiable" when read only one chinese char
- NOTE: csv part fixed in 2.19.0, yaml in 2.20.0
+ NOTE: csv part fixed in 2.19.0, toml and yaml in 2.20.0
  (reported by @mrtaolili)
 
 2.20.0-rc1 (04-Aug-2025)

toml/src/main/java/com/fasterxml/jackson/dataformat/toml/UTF8Reader.java

@@ -24,6 +24,16 @@ public final class UTF8Reader
 
     private byte[] _inputBuffer;
 
+    /**
+     * Flag set to indicate {@code inputBuffer} is read-only, and its
+     * content should not be modified. This is the case when caller
+     * has passed in a buffer of contents already read, instead of Jackson
+     * allocating read buffer.
+     *
+     * @since 2.20
+     */
+    private final boolean _inputBufferReadOnly;
+
     /**
      * Pointer to the next available byte (if any), iff less than
      * <code>mByteBufferEnd</code>
@@ -59,12 +69,14 @@ public final class UTF8Reader
 
     // Constructor used when caller gives us
     private UTF8Reader(IOContext ctxt, InputStream in, boolean autoClose,
-            byte[] buf, int ptr, int end)
+            byte[] buf, int ptr, int end,
+            boolean inputBufferReadOnly)
     {
         super((in == null) ? buf : in);
         _ioContext = ctxt;
         _inputSource = in;
         _inputBuffer = buf;
+        _inputBufferReadOnly = inputBufferReadOnly;
         _inputPtr = ptr;
         _inputEnd = end;
         _autoClose = autoClose;
@@ -75,14 +87,16 @@ private UTF8Reader(IOContext ctxt, InputStream in, boolean autoClose,
     public static UTF8Reader construct(IOContext ctxt, InputStream in, boolean autoClose)
     {
         final byte[] buf = ctxt.allocReadIOBuffer();
-        return new UTF8Reader(ctxt, in, autoClose, buf, 0, 0);
+        // We manage input buffer; read-only -> false
+        return new UTF8Reader(ctxt, in, autoClose, buf, 0, 0, false);
     }
 
     // Factory method used when user passes us input in static pre-filled
     // input buffer: no InputStream nor buffer recycling used
     public static UTF8Reader construct(byte[] buf, int ptr, int len)
     {
-        return new UTF8Reader(null, null, true, buf, ptr, ptr+len);
+        // We are passed input buffer; read-only -> true
+        return new UTF8Reader(null, null, true, buf, ptr, ptr+len, true);
     }
 
     /**
@@ -101,15 +115,6 @@ private void freeBuffers()
         }
     }
 
-    /**
-     * Method that can be used to see if we can actually modify the
-     * underlying buffer. This is the case if we are managing the buffer,
-     * but not if it was just given to us.
-     */
-    protected final boolean canModifyBuffer() {
-        return (_ioContext != null);
-    }
-
     /*
     /**********************************************************************
     /* Reader API
@@ -326,27 +331,17 @@ private boolean loadMore(int available) throws IOException
     {
         _byteCount += (_inputEnd - available);
 
-        // Bytes that need to be moved to the beginning of buffer?
         if (available > 0) {
+            // Should we move bytes to the beginning of buffer?
             if (_inputPtr > 0) {
-                if (!canModifyBuffer()) {
-                    // 15-Aug-2022, tatu: Occurs (only) if we have half-decoded UTF-8
-                    //     characters; uncovered by:
-                    //
-                    // https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50036
-                    //
-                    // and need to be reported as IOException
-                    if (_inputSource == null) {
-                        throw new IOException(String.format(
-"End-of-input after first %d byte(s) of a UTF-8 character: needed at least one more",
-available));
+                // Can only do so if buffer mutable
+                if (!_inputBufferReadOnly) {
+                    for (int i = 0; i < available; ++i) {
+                        _inputBuffer[i] = _inputBuffer[_inputPtr+i];
                     }
+                    _inputPtr = 0;
+                    _inputEnd = available;
                 }
-                for (int i = 0; i < available; ++i) {
-                    _inputBuffer[i] = _inputBuffer[_inputPtr+i];
-                }
-                _inputPtr = 0;
-                _inputEnd = available;
             }
         } else {
             // Ok; here we can actually reasonably expect an EOF, so let's do a separate read right away:

toml/src/test/java/com/fasterxml/jackson/dataformat/toml/FuzzTomlReadTest.java

@@ -49,8 +49,8 @@ public void testUTF8Decoding50036() throws Exception
             fail("Should not pass");
         // NOTE! This is an actual IOException in Jackson 2.x
         } catch (IOException e) {
-            verifyException(e, "End-of-input after first 1 byte");
-            verifyException(e, "of a UTF-8 character");
+            verifyException(e, "Unexpected EOF in the middle of a multi-byte");
+            verifyException(e, "got 1, needed 2");
         }
     }