Endless loop in serializeJSON() with Java objects

Description

When calling serializeJSON() on certain Java objects (or structs/arrays containing such objects), an endless loop occurs, leading to a stack overflow, out of memory exception, or Lucee just sitting there with 100% CPU indefinitely.

This can be reproduced by running the following code (WARNING: Lucee might hang indefinitely until restart!).

The DayOfWeek class is one class I stumbled upon, but there might be more. Also, I have not yet tried to build a custom test class to trigger this error.

I came across this issue when trying to serialize an exception in a catch block, for logging purposes. This exception sometimes happened to contain a Java object which was triggering this behavior.

Looking into the source, there seems to be a loop detection in lucee.runtime.JSONConverter, but it's probably not up to the task.

Edit: Also, invoking every single getter found in a class (as is done in JSONConverter._serializeClass) might turn out to be problematic IMHO.

Environment

Java 11.0.4 (AdoptOpenJDK) 64bit
Apache Tomcat/9.0.24

Attachments

Activity

Pothys - MitrahSoft
24 May 2021 at 12:46
(edited)

I've checked this ticket and confirmed the issue happened on lucee affected and latest version 5.3.8.175-SNAPSHOT also. Same stack overflow error throws and sometimes service unavailable.

lucee.runtime.exp.NativeException: java.lang.StackOverflowErrorat java.security.AccessController.doPrivileged(Native Method)at sun.reflect.MethodAccessorGenerator.generate(Unknown Source)at sun.reflect.MethodAccessorGenerator.generateMethod(Unknown Source)at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)at java.lang.reflect.Method.invoke(Unknown Source)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:172)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONConverter._serializeStruct(JSONConverter.java:335)at lucee.runtime.converter.JSONConverter._serializeClass(JSONConverter.java:181)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:783)at lucee.runtime.converter.JSONConverter._serializeArray(JSONConverter.java:268)at lucee.runtime.converter.JSONConverter._serialize(JSONConverter.java:765)at lucee.runtime.converter.JSONCo

Resize issue view side panel

Details

Assignee

Michael Offner

Reporter

F K

Priority

New

Labels

json

New Issue warning screen

Before you create a new Issue, please post to the mailing list first https://dev.lucee.org

Once the issue has been verified, one of the Lucee team will ask you to file an issue

Affects versions

5.3.7.47

Created 23 May 2021 at 09:53

Updated 24 May 2021 at 12:50