azure-sdk-for-c
_az_json_writer_escape_and_copy( ) - Out-Of-Bounds Write (CWE-787)
Overshoots the memory allocated for destination, which leads to overwriting other variables in adjacent memory.
File: src\azure\core\az_json_writer.c
API: _az_json_writer_escape_and_copy( )
Line: 379
Issue: During encoding, if the source contains:
- 2 or more escape characters. Example: '\\', '"', '\b', '\n', '\r', '\t', etc. Each character requires 1 additional byte.
- 1 or more Unicode escape sequences. Example: '\0', 'ACK', 'BS', 'ESC', etc. Each character requires 5 additional bytes.
Solution:
A condition needs to be added after L:378 that checks for the availability of sufficient memory buffer in remaining_destination, in every iteration, depending on the type of character ch.
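A sketch of the per-iteration check proposed above, as an added example that is not the SDK's code: escape_and_copy and short_escape are hypothetical names, and a plain pointer plus size stands in for the SDK's span type. The escaper computes how many output bytes the current character needs (1, 2 or 6) and refuses before writing if the remaining destination is smaller.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Second byte of a two-byte escape such as \n, or 0 if ch has none. */
static char short_escape(uint8_t ch)
{
  switch (ch) {
    case '\\': case '"': return (char)ch;
    case '\b': return 'b';
    case '\f': return 'f';
    case '\n': return 'n';
    case '\r': return 'r';
    case '\t': return 't';
    default: return 0;
  }
}

/* Hypothetical function, not the SDK's. Returns bytes written, or -1 if dst is too small. */
static int escape_and_copy(uint8_t* dst, size_t dst_size, const uint8_t* src, size_t src_len)
{
  static const char hex[] = "0123456789ABCDEF";
  size_t written = 0;
  for (size_t i = 0; i < src_len; ++i) {
    uint8_t ch = src[i];
    char esc = short_escape(ch);
    size_t need = esc ? 2 : (ch < 0x20 ? 6 : 1); /* output bytes for this ch */
    if (need > dst_size - written)
      return -1; /* checked every iteration, before any byte of ch is written */
    uint8_t* p = dst + written;
    if (need == 2) { p[0] = '\\'; p[1] = (uint8_t)esc; }
    else if (need == 6) {
      memcpy(p, "\\u00", 4); /* other control characters become \u00XX */
      p[4] = (uint8_t)hex[ch >> 4];
      p[5] = (uint8_t)hex[ch & 0x0F];
    }
    else p[0] = ch;
    written += need;
  }
  return (int)written;
}

int main(void)
{
  const uint8_t in[] = { 'a', '\n', 0x1B, '"' }; /* constructed: needs 1+2+6+2 = 11 bytes */
  uint8_t out[8];
  printf("%d\n", escape_and_copy(out, sizeof out, in, sizeof in));
  return 0;
}
```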