1 package com.fasterxml.jackson.databind.deser.dos; 2 3 import com.fasterxml.jackson.core.exc.InputCoercionException; 4 import com.fasterxml.jackson.databind.*; 5 6 // for [databind#2157] 7 public class HugeIntegerCoerceTest extends BaseMapTest 8 { 9 private final static int BIG_NUM_LEN = 199999; 10 private final static String BIG_POS_INTEGER; 11 static { 12 StringBuilder sb = new StringBuilder(BIG_NUM_LEN); 13 for (int i = 0; i < BIG_NUM_LEN; ++i) { 14 sb.append('9'); 15 } 16 BIG_POS_INTEGER = sb.toString(); 17 } 18 19 private final ObjectMapper MAPPER = objectMapper(); // shared is fine 20 testMaliciousLongForEnum()21 public void testMaliciousLongForEnum() throws Exception 22 { 23 // Note: due to [jackson-core#488], fix verified with streaming over multiple 24 // parser types. Here we focus on databind-level 25 26 try { 27 /*ABC value =*/ MAPPER.readValue(BIG_POS_INTEGER, ABC.class); 28 fail("Should not pass"); 29 } catch (InputCoercionException e) { 30 verifyException(e, "out of range of int"); 31 verifyException(e, "Integer with "+BIG_NUM_LEN+" digits"); 32 } 33 } 34 } 35