tracker issue : CF-4198528

select a category, or use search below
(searches all categories and all time range)

Incorrect JSON Serialization of certain Errors

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/Fixed

Reporter/Name(from Bugbase): Bryan Henderson / Bryan Henderson ()

Created: 04/17/2017

Components: Serialization

Versions: 2016,11.0,2018

Failure Type: Data Corruption

Found In Build/Fixed In Build: 11,0,11,301867 / 2018,0,02,312775

Priority/Frequency: Normal / All users will encounter

Locale/System: / Windows 10 64 bit

Vote Count: 0

Problem Description:
SerializeJSON will fail to quote the "character" key value in errors that occur when parsing JSON (DeserializeJSON(string))

Steps to Reproduce:
try {
	deserializeJSON('<!DOCTYPE ..'); // HTML string where JSON was expected
} catch (any e) {
	bad = serializeJSON(e); // produces invalid JSON
	deserializeJSON(bad); // throws error indicating issue

Actual Result:
... "character":<, ...

Expected Result:
... "character":"<", ...

Any Workarounds:


  1. May 22, 2017 00:00:00: errorExample.gif


Bryan, Could we get a screenshot of the issue? Here's what we see on ColdFusion 11 update 11 and 12, and ColdFusion 2016 generated logs, JSON parsing failure at character 7550:'<' in {"Suppressed":[],"Locale":null,"Type":"Application","RootCause":null,"offset":1,"Stack... coldfusion.runtime.JSONUtils$JSONParseException: JSON parsing failure at character 7550:'<' in {"Suppressed":[],"Locale":null,"Type":"Applicatio...
Comment by Immanuel N.
926 | May 22, 2017 10:45:38 AM GMT
that is the correct response given the example code above... but the actual and expected results are not concerned with the final error that is thrown in the example code... the error you are seeing proves that CF cannot deserialize a string it creates. it is concerned with the invalid json created by the serializedJSON function call... in other words, if CF was working correctly, it should not have thrown an error at all... the problem is the invalid JSON that is being generated. Serializing the cfcatch object generated due to the caught error produces invalid JSON: try { deserializeJSON('<!DOCTYPE ..'); // HTML string where JSON was expected } catch (any e) { writeOutput(serializeJSON(e)); // produces invalid JSON } This function will print the bad JSON where you can find the invalid text shown in the actual result above. Sorry, I guess I gave you too much information.
Comment by Bryan H.
927 | May 22, 2017 04:03:47 PM GMT
Here is another example: try { evaluate("((abs(1))|)"); // invalid expression } catch (any e) { writeDump(serializeJSON(e)); // serialize the error with intent of viewing later (cant view later because produces invalid JSON) } Actual Result: ... "curChar":), ... Expected result: ... "curChar":")", ...
Comment by Bryan H.
928 | May 22, 2017 07:50:39 PM GMT
the attachment 'errorExample.gif' shows the dump of the error that we are trying to serialize to JSON... the 'curChar' key value in the exception object is being serialized as a numeric value (no quotes) when it should be serialized as a string (with quotes)... in the original example, the exception object key that gets incorrectly serialized as a numeric value is the 'character' key.
Comment by Bryan H.
929 | May 22, 2017 08:19:10 PM GMT
Hello? do you need any more information? are you able to fix this issue?
Comment by Bryan H.
930 | July 11, 2017 04:45:37 PM GMT
We will be fixing this. Thanks for reporting!
Comment by Immanuel N.
931 | November 08, 2017 07:55:23 AM GMT