[release/5.0-rc2] Prevent JSON async deserialization errors when partial buffer ends in the middle of null token (#42158) #42359
Conversation
* Repro dotnet#42070 * formatting * namespace * Fix * never forget the header * More tests - Test continuation at every position inside the tested object - Many member with primitive and nullable types - One more level of nested object - All combinations of class/struct for tested and nested object - tested and nested object with parametrized ctor for some properties * Addressed feedback * Test with original repro data from dotnet#42070 * custom converter to ensure the padding is written in front of the tested object * rename * test data moved to Strings.resx
layomia
added
Servicing-consider
|
Great info in template. However if this is a bad regression why did we only know about it now at the last minute? Or did it regress recently? |
|
I think more people are trying out System.Text.Json in .NET 5 due to RC1 release, especially as |
|
Thanks. It would be good to include that extended testing in this PR, if it’s for related issues. The goal is to minimize the possibility we have to bring another. We can take to tactics tomorrow even if that part is not ready, but that way if something else is found we can potentially roll it in before we merge it. |
|
Okay to wait until the extended testing is in - #42393. |
|
@ericstj I’m supportive, feel free to send mail to tactics if you support it |
|
Don't let it stop this PR, but I think these test strings of > 200KB probably should be in the test data repo as they just bloat the repo. Once you've merged them though, that bloat is locked in so it's more of a future suggestion. |
|
approved over mail. Merge at will. You can address the string suggestion in master. @danmosemsft we're usually more sensitive about the type of data and how much it changes. Text data is typically OK at somewhat larger sizes if it doesn't change too often, since it compresses really well in git. In fact git uses zlib compression which is based on DEFLATE same as zip used in nupkg. Binary data, especially binary data that changes often, is what we make sure to put in assets packages. Also any large data that would be considered "optional" for some repo consumers. Maybe we could write some guidelines down somewhere :) |
|
@ericstj that makes sense. sounds good |
Opened #42428 to track these. |
ghost
locked as resolved and limited conversation to collaborators
Backport of #42158 ("Fix continuation of JSON deserialization") to release/5.0-rc2. Updated this PR's title to more accurately reflect the issue being fixed.
Customer Impact
blocking-release/regression-from-last-release.Prior to this PR, the serializer could throw a JSON exception when async deserializing JSON payloads that contain null tokens. If a partial segment of the payload being read ended in the middle of a null token, the serializer could throw a
JsonExceptionafter fetching more data and resuming deserialization.A simple example:
Initial buffer:
{"Foo":"Bar","Baz":nuNext buffer:
ll,"Qux":"Quux"}// Serializer throws error when resuming deserializing after fetching this data.asyncandnullhandling are both commonly used features in the serializer. This issue would likely be faced by numerous users if not fixed.Testing
The PR has been tested extensively across multiple factors: null token position, matching property type (nullable/non-nullable), deserialization constructor mode (parameterized/non-parameterized), payload size (small/large), and so on.
The fixing PR has also been verified on customer input which flagged down the issue.
Risk
This fix is small and targeted. It is unlikely to cause issues elsewhere.