Key Information Summary Vulnerability Type Assertion Failure Affected Function Source File Line Number 204 Assertion Mechanism and Root Cause Root Cause: Inconsistency between JSON parsing and serialization when handling malformed JSON input containing invalid Unicode escape sequences. Vulnerability Manifestation: 1. Input Processing Phase: Malformed JSON input containing invalid Unicode sequences is processed by the parser. 2. Syntax Error Detection: The parser detects a syntax error at column 6 of the input string. 3. Test Suite Execution: The function is called to verify parsing consistency. 4. Parsing Validation: The test framework attempts to validate whether the expected and reparsed JSON values are equal. 5. Assertion Failure: Due to parsing inconsistency, the assertion fails at line 204. 6. Program Termination: The assertion failure triggers a SIGABRT signal and causes program termination. Report Error Message: Stack Trace: Provides detailed stack trace information, showing the call chain from to . Proof of Concept Trigger Condition: Processing the provided malformed JSON file triggers the vulnerability. POC Download Link: Google Drive Link Reproduction Steps 1. Compile with debug symbols. 2. Execute . 3. The program will crash during the test suite validation logic due to assertion failure. Affected Versions JQ version 1.6 and the latest main branch. Acknowledgments Xudong Cao (UCAS) Yuqing Zhang (UCAS, Zhongguancun Laboratory)