]> git.ipfire.org Git - thirdparty/dovecot/core.git/commitdiff
projects / thirdparty / dovecot / core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8608c26)
lib: json-parser - Fix skipping strings with non-blocking input
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Thu, 8 Oct 2020 07:41:52 +0000 (10:41 +0300)
committerTimo Sirainen <timo.sirainen@open-xchange.com>
Thu, 8 Oct 2020 07:41:52 +0000 (10:41 +0300)
The skipping could have accessed memory outside the allocated string.
This might have resulted in a crash, or caused JSON parsing to fail.

src/lib/json-parser.c patch | blob | blame | history

diff --git a/src/lib/json-parser.c b/src/lib/json-parser.c
index ba35ef495daab63b79ec348d12a7744457c8a62c..a4fb1865edfb531f6bdefe8f674a34171a504eb8 100644 (file)
--- a/src/lib/json-parser.c
+++ b/src/lib/json-parser.c
@@ -183,7 +183,10 @@ static int json_skip_string(struct json_parser *parser)
                        return 1;
                }
                if (*parser->data == '\\') {
-                       switch (*++parser->data) {
+                       parser->data++;
+                       if (parser->data == parser->end)
+                               break;
+                       switch (*parser->data) {
                        case '"':
                        case '\\':
                        case '/':
Mirror of https://github.com/dovecot/core.git