53 lines
1.7 KiB
Diff
53 lines
1.7 KiB
Diff
From d6f46ae104871360f84695737864870c97adfd14 Mon Sep 17 00:00:00 2001
|
|
From: Eric Haszlakiewicz <erh+git@nimenees.com>
|
|
Date: Sun, 30 Oct 2022 19:29:15 +0000
|
|
Subject: [PATCH] Explicitly check for integer overflow/underflow when
|
|
parsing integers with JSON_TOKENER_STRICT.
|
|
|
|
Reference:https://github.com/json-c/json-c/commit/d6f46ae104871360f84695737864870c97adfd14
|
|
Conflict:Ignore changes in the ChangeLog and test because the pre-feature patch is not merged
|
|
|
|
---
|
|
json_tokener.c | 11 +++++++++++
|
|
1 file changed, 11 insertions(+)
|
|
|
|
diff --git a/json_tokener.c b/json_tokener.c
|
|
index 0c09b66..1feee65 100644
|
|
--- a/json_tokener.c
|
|
+++ b/json_tokener.c
|
|
@@ -17,6 +17,7 @@
|
|
|
|
#include "math_compat.h"
|
|
#include <assert.h>
|
|
+#include <errno.h>
|
|
#include <limits.h>
|
|
#include <math.h>
|
|
#include <stddef.h>
|
|
@@ -991,6 +992,11 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
|
|
if (!tok->is_double && tok->pb->buf[0] == '-' &&
|
|
json_parse_int64(tok->pb->buf, &num64) == 0)
|
|
{
|
|
+ if (errno == ERANGE && (tok->flags & JSON_TOKENER_STRICT))
|
|
+ {
|
|
+ tok->err = json_tokener_error_parse_number;
|
|
+ goto out;
|
|
+ }
|
|
current = json_object_new_int64(num64);
|
|
if (current == NULL)
|
|
goto out;
|
|
@@ -998,6 +1004,11 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
|
|
else if (!tok->is_double && tok->pb->buf[0] != '-' &&
|
|
json_parse_uint64(tok->pb->buf, &numuint64) == 0)
|
|
{
|
|
+ if(errno==ERANGE&&(tok->flags & JSON_TOKENER_STRICT))
|
|
+ {
|
|
+ tok->err=json_tokener_error_parse_number;
|
|
+ goto out;
|
|
+ }
|
|
if (numuint64 && tok->pb->buf[0] == '0' &&
|
|
(tok->flags & JSON_TOKENER_STRICT))
|
|
{
|
|
--
|
|
2.27.0
|
|
|