Issue #881: don't allow json_tokener_new_ex() with a depth < 1

author Eric Hawicz <erh+git@nimenees.com>

Mon, 18 Nov 2024 03:11:24 +0000 (22:11 -0500)

committer Eric Hawicz <erh+git@nimenees.com>

Mon, 18 Nov 2024 03:11:24 +0000 (22:11 -0500)
author Eric Hawicz <erh+git@nimenees.com>
Mon, 18 Nov 2024 03:11:24 +0000 (22:11 -0500)
committer Eric Hawicz <erh+git@nimenees.com>
Mon, 18 Nov 2024 03:11:24 +0000 (22:11 -0500)
diff --git a/json_tokener.c b/json_tokener.c

index 773229e6a3e4e264d32b6a5f8f91250fcdbf3bff..1954bcd8344feed3bd8500a0560adfb36b824a44 100644 (file)
--- a/json_tokener.c
+++ b/json_tokener.c
@@ -154,6 +154,9 @@ struct json_tokener *json_tokener_new_ex(int depth)
  {
         struct json_tokener *tok;
  
+       if (depth < 1)
+               return NULL;
+
         tok = (struct json_tokener *)calloc(1, sizeof(struct json_tokener));
         if (!tok)
                 return NULL;
diff --git a/json_tokener.h b/json_tokener.h

index 54925e5116ff5e3b5e344bd812d552e0b9bafd75..f53a76141bb272bf7cb5576434f8d0f7a9621b96 100644 (file)
--- a/json_tokener.h
+++ b/json_tokener.h
@@ -206,6 +206,7 @@ JSON_EXPORT struct json_tokener *json_tokener_new(void);
  
  /**
   * Allocate a new json_tokener with a custom max nesting depth.
+ * The depth must be at least 1.
   * @see JSON_TOKENER_DEFAULT_DEPTH
   */
  JSON_EXPORT struct json_tokener *json_tokener_new_ex(int depth);
author	Eric Hawicz <erh+git@nimenees.com>
	Mon, 18 Nov 2024 03:11:24 +0000 (22:11 -0500)
committer	Eric Hawicz <erh+git@nimenees.com>
	Mon, 18 Nov 2024 03:11:24 +0000 (22:11 -0500)
json_tokener.c		patch \| blob \| blame \| history
json_tokener.h		patch \| blob \| blame \| history