RepoMirrors
/
cJSON
mirror of https://github.com/DaveGamble/cJSON
1
0
Fork 0
Code Issues Releases Wiki Activity

ensure: Fix potential overflow of size_t 

This could only happen if the maximum SIZE_T is not at least 2 times
bigger than INT_MAX. Not sure if this can happen on real systems, but
better be safe then sorry.
This commit is contained in:
Max Bruckner 2017-03-23 20:26:29 +01:00
parent 4bfb880093
commit e58f7ec027
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cJSON.c
View File

@ -270,8 +270,7 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna
}
/* calculate new buffer size */
newsize = needed * 2;
if (newsize > INT_MAX)
if (newsize > (INT_MAX / 2))
{
/* overflow of int, use INT_MAX if possible */
if (needed <= INT_MAX)
@ -283,6 +282,10 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna
return NULL;
}
}
else
{
newsize = needed * 2;
}
if (hooks->reallocate != NULL)
{