RepoMirrors
/
cJSON
mirror of https://github.com/DaveGamble/cJSON
1
0
Fork 0
Code Issues Releases Wiki Activity

cJSONUtils_ApplyPatches: Don't accept invalid array indices

This commit is contained in:
Max Bruckner 2017-04-11 18:07:19 +02:00
parent d058a9cd8f
commit a1602f484b
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
cJSON_Utils.c
View File

@ -543,7 +543,25 @@ static int cJSONUtils_ApplyPatch(cJSON *object, cJSON *patch)
}
else
{
if (!insert_item_in_array(parent, (size_t)atoi((char*)childptr), value))
char *end_pointer = NULL;
long int index = strtol((char*)childptr, &end_pointer, 10);
if ((unsigned char*)end_pointer == childptr)
{
/* failed to parse numeric array index */
free(parentptr);
cJSON_Delete(value);
return 11;
}
if ((index < 0) || (*end_pointer != '\0'))
{
/* array index is invalid */
free(parentptr);
cJSON_Delete(value);
return 12;
}
if (!insert_item_in_array(parent, (size_t)index, value))
{
free(parentptr);
cJSON_Delete(value);