From df99d29ee4e51f37f8f7b9b7f4f610cef4360396 Mon Sep 17 00:00:00 2001
From: Eric Leblond <el@stamus-networks.com>
Date: Sat, 7 Jun 2025 22:19:03 +0200
Subject: [PATCH] datajson: add sanity check on length

Also cast to avoid compilation error.
---
 src/datasets-context-json.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/datasets-context-json.c b/src/datasets-context-json.c
index 7668583793..568a75ce25 100644
--- a/src/datasets-context-json.c
+++ b/src/datasets-context-json.c
@@ -80,6 +80,11 @@ static bool IsFloat(const char *in, size_t ins)
 
 static int ParseJsonLine(const char *in, size_t ins, DataJsonType *rep_out)
 {
+    if (ins > DATAJSON_JSON_LENGTH) {
+        SCLogError("dataset: json string too long: %s", in);
+        return -1;
+    }
+
     json_error_t jerror;
     json_t *msg = json_loads(in, 0, &jerror);
     if (msg == NULL) {
@@ -92,7 +97,7 @@ static int ParseJsonLine(const char *in, size_t ins, DataJsonType *rep_out)
     } else {
         json_decref(msg);
     }
-    rep_out->len = ins;
+    rep_out->len = (uint16_t)ins;
     rep_out->value = SCStrndup(in, ins);
     if (rep_out->value == NULL) {
         return -1;
-- 
2.47.2