shithub: riscv


ref: d8d47f14b5ed8f6d3f892761ed86c6ce2075c337
parent: 651d6c2bc68e7e5224c3ba41b094e37b1c1890ed
author: cinap_lenrek <[email protected]>
date: Wed Apr 27 08:59:06 EDT 2016

libjson: add slack space to literal string buffer to handle bad runes (thanks mischief)

if the input string contains invalid utf-8, runetochar() produces
unicode replacement characters that can overflow the literal buffer.
as the overflow check is done after runetochar(), add UTFmax bytes
of slack space avoiding the issue.

--- a/sys/src/libjson/json.c
+++ b/sys/src/libjson/json.c
@@ -323,7 +323,7 @@
 	memset(&l, 0, sizeof(l));
 	l.s = s;
 	l.slen = strlen(s);
-	if((l.buf = mallocz(l.slen+1, 1)) == nil)
+	if((l.buf = mallocz(l.slen+UTFmax+1, 1)) == nil)
 		return nil;
 
 	j = jsonobj(&l);
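Review bot: The `+UTFmax` in the mallocz() size is unexplained slack whose justification lives in the lexer, so the allocation line should carry a comment such as `/* UTFmax slack: the bound check runs after runetochar(), which can emit a replacement rune longer than the bad input byte */`. The slack is only sufficient while at most one rune is written between bound checks; that check is not visible in this hunk, so this is inferred from the commit description. A more durable fix would be to test the remaining space before calling runetochar(), so the write stays in bounds however the buffer is sized. The enclosing function starts and ends outside the hunk.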
@@ -336,6 +336,8 @@
 {
 	JSONEl *e, *f;
 
+	if(j == nil)
+		return;
 	switch(j->t){
 	case JSONString:
 		if(j->s)
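Review bot: The new `if(j == nil) return;` guard changes this function's contract to accept nil, which neither the commit description nor any comment records. A one-line comment above the function, e.g. `/* accepts nil, like free() */`, would tell callers the guard is intentional and can be relied on in error paths. The function's signature and the rest of its body are outside the hunk.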