shared/json: fix memory leak on failed normalization

author Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Mon, 9 May 2022 12:28:36 +0000 (14:28 +0200)

committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Tue, 10 May 2022 10:58:49 +0000 (12:58 +0200)
author Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Mon, 9 May 2022 12:28:36 +0000 (14:28 +0200)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Tue, 10 May 2022 10:58:49 +0000 (12:58 +0200)
diff --git a/src/shared/json.c b/src/shared/json.c

index 55e6d95cdbb787553b1a9b60b9f5702e7bfc8058..2e52443dde2b6b68006948711c849c51320963ae 100644 (file)
--- a/src/shared/json.c
+++ b/src/shared/json.c
@@ -4655,10 +4655,11 @@ int json_variant_normalize(JsonVariant **v) {
          if (!a)
                  return -ENOMEM;
  
-        for (i = 0; i < m; i++) {
+        for (i = 0; i < m; ) {
                  a[i] = json_variant_ref(json_variant_by_index(*v, i));
+                i++;
  
-                r = json_variant_normalize(a + i);
+                r = json_variant_normalize(&a[i-1]);
                  if (r < 0)
                          goto finish;
          }
diff --git a/test/fuzz/fuzz-json/leak-normalize-fail b/test/fuzz/fuzz-json/leak-normalize-fail

new file mode 100644 (file)

index 0000000..b247ccd
--- /dev/null
+++ b/test/fuzz/fuzz-json/leak-normalize-fail
@@ -0,0 +1 @@
+[7E73]
+\ No newline at end of file
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Mon, 9 May 2022 12:28:36 +0000 (14:28 +0200)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Tue, 10 May 2022 10:58:49 +0000 (12:58 +0200)
src/shared/json.c		patch \| blob \| blame \| history
test/fuzz/fuzz-json/leak-normalize-fail	[new file with mode: 0644]	patch \| blob