RepoMirrors/cJSON
1
0
Fork 0
mirror of https://github.com/DaveGamble/cJSON synced 2025-04-17 04:29:09 +00:00
Code Issues Releases Wiki Activity

Replace illegal overlapping strings check with memmove()

Browse Source 
According to the C standard it is Undefined Behavior to arithmetically
compare addresses that don't point to within the same object. There is
simply no way to implement this sort of check legally. The correct way
to avoid problems from overlapping strings is to replace strcpy() with
memmove().
This commit is contained in:
Juuso Alasuutari 2025-01-19 22:13:15 +02:00
parent 4d41888f09
commit 6d6a650a5f
1 changed files with 1 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cJSON.c
View File

@ -421,13 +421,7 @@ CJSON_PUBLIC(char*) cJSON_SetValuestring(cJSON *object, const char *valuestring)
if (v1_len <= v2_len)
{
/* strcpy does not handle overlapping string: [X1, X2] [Y1, Y2] => X2 < Y1 or Y2 < X1 */
if (!( valuestring + v1_len < object->valuestring || object->valuestring + v2_len < valuestring ))
{
return NULL;
}
strcpy(object->valuestring, valuestring);
return object->valuestring;
return memmove(object->valuestring, valuestring, v1_len + 1);
}
copy = (char*) cJSON_strdup((const unsigned char*)valuestring, &global_hooks);
if (copy == NULL)