1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
From 77852dba3f539d057cae97f5f499ffba138b5084 Mon Sep 17 00:00:00 2001
From: orri <orri@systemb.is>
Date: Tue, 30 Apr 2024 09:50:19 +0000
Subject: Fix heap buffer overflow
Fixes #800
---
cJSON.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/cJSON.c b/cJSON.c
index e5e62bc..6bc316b 100644
--- a/cJSON.c
+++ b/cJSON.c
@@ -1682,6 +1682,11 @@ static cJSON_bool parse_object(cJSON * const item, parse_buffer * const input_bu
current_item = new_item;
}
+ if (cannot_access_at_index(input_buffer, 1))
+ {
+ goto fail; /* nothing comes after the comma */
+ }
+
/* parse the name of the child */
input_buffer->offset++;
buffer_skip_whitespace(input_buffer);
--
2.30.2
|
