simpleson icon indicating copy to clipboard operation
simpleson copied to clipboard
verified publisher icon gregjesl

json: fix potential overflow

Open DavidKorczynski opened this issue 1 year ago • 0 comments

The code:

    while(!EMPTY_STRING(input) && stream.push(*index) != json::reader::REJECTED)
    {
        index++;
    }

Runs into an issue because EMPTY_STRING(input) is used to check for null-pointer ending, but input is never incremented during the loop. As such, an overflow will happen when index has incremented beyond it's buffer and *index is run. This triggers an overflow on the input buffer as index is declared as:

const char *index = json::parsing::tlws(input);

Instead of checking for an empty string on input we should check it on index.

DavidKorczynski avatar May 06 '24 17:05 DavidKorczynski