6

Fix memleak when parsing keys with embedded null bytes by disconnect3d · Pull Re...

 2 years ago
source link: https://github.com/kgabis/parson/pull/157
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Copy link

Contributor

disconnect3d commented on May 3, 2021

This commit fixes and adds a test for a memory leak that occurs when
parsing strings with keys that have a null byte embedded in them.

This memory leak can be triggered with the following line, where this
call returns a NULL:

        json_parse_string("{\"\\u0000\"")

This memory leak happens in the parse_object_value function in here:

        new_key = get_quoted_string(string, &key_len);  // <---- ALLOCATION
        /* We do not support key names with embedded \0 chars */
        if (new_key == NULL || key_len != strlen(new_key)) {
            json_value_free(output_value);
            return NULL;                       // <---- `new_key` NOT FREED
        }
        SKIP_WHITESPACES(string);
        if (**string != ':') {
            parson_free(new_key);
            json_value_free(output_value);
            return NULL;
        }

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK