ref: d8d47f14b5ed8f6d3f892761ed86c6ce2075c337
parent: 651d6c2bc68e7e5224c3ba41b094e37b1c1890ed
author: cinap_lenrek <[email protected]>
date: Wed Apr 27 08:59:06 EDT 2016
libjson: add slack space to literal string buffer to handle bad runes (thanks mischief) if the input string contains invalid utf-8, runetochar() produces unicode replacement characters that can overflow the literal buffer. as the overflow check is done after runetochar(), add UTFmax bytes of slack space avoiding the issue.
--- a/sys/src/libjson/json.c
+++ b/sys/src/libjson/json.c
@@ -323,7 +323,7 @@
memset(&l, 0, sizeof(l));
l.s = s;
l.slen = strlen(s);
- if((l.buf = mallocz(l.slen+1, 1)) == nil)
+ if((l.buf = mallocz(l.slen+UTFmax+1, 1)) == nil)
return nil;
j = jsonobj(&l);
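Review bot: The `UTFmax` slack in the `mallocz` size is only sufficient while the lexer's bounds check runs after every single `runetochar()` store, and nothing at the allocation records that coupling. Per the commit message the check still follows the write, so a later change that emits more than one rune between checks would bring back the heap overflow on input containing invalid UTF-8. I would add a comment above the allocation such as `/* UTFmax slack: the buffer bound is checked only after runetochar() has written, so one rune may land past slen */`, and consider moving the bound check ahead of the write in the lexer, which is not part of this hunk. The enclosing function starts and ends outside the hunk.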
@@ -336,6 +336,8 @@
{
JSONEl *e, *f;
+ if(j == nil)
+ return;
switch(j->t){
case JSONString:
if(j->s)
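Review bot: The new `if(j == nil) return;` guard changes this free routine's contract to accept nil, but no comment says so and the hunk does not show why it is needed. Presumably it covers parse-failure paths that end up with a nil element, so a one-line comment above the guard such as `/* nil is accepted, like free() */` would keep callers and later edits consistent. The recursive frees further down the switch are outside the hunk, so I cannot tell whether they carried their own nil checks before this change. The function's signature and the rest of its body are also outside the hunk.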