From 4ae7e4e5d892cd9d28493e4d2fe7ac9ee3ae383d Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 12 Oct 2018 14:42:43 +0200 Subject: [PATCH] json: avoid stack allocation of long strings in a recursive function Fixes: oss-fuzz#10908 https://oss-fuzz.com/v2/testcase-detail/5639441482252288 --- src/basic/json.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/src/basic/json.c b/src/basic/json.c index 0a2a620c3bf..ec2952c6da3 100644 --- a/src/basic/json.c +++ b/src/basic/json.c @@ -1344,10 +1344,15 @@ static int json_format(FILE *f, JsonVariant *v, unsigned flags, const char *pref if (n == 0) fputs("[]", f); else { + _cleanup_free_ char *joined = NULL; const char *prefix2; if (flags & JSON_FORMAT_PRETTY) { - prefix2 = strjoina(strempty(prefix), "\t"); + joined = strjoin(strempty(prefix), "\t"); + if (!joined) + return -ENOMEM; + + prefix2 = joined; fputs("[\n", f); } else { prefix2 = strempty(prefix); @@ -1395,10 +1400,15 @@ static int json_format(FILE *f, JsonVariant *v, unsigned flags, const char *pref if (n == 0) fputs("{}", f); else { + _cleanup_free_ char *joined = NULL; const char *prefix2; if (flags & JSON_FORMAT_PRETTY) { - prefix2 = strjoina(strempty(prefix), "\t"); + joined = strjoin(strempty(prefix), "\t"); + if (!joined) + return -ENOMEM; + + prefix2 = joined; fputs("{\n", f); } else { prefix2 = strempty(prefix); -- 2.47.3