apr_json_decode: Return APR_ENOSPC if a decoded array is above INT_MAX.

* json/apr_json_decode.c(apr_json_decode_array):
  Return APR_ENOSPC should the int counter overflow.
  


git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1902207 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 4 insertions, 1 deletions

diff --git a/json/apr_json_decode.c b/json/apr_json_decode.c
index 565c5a7a9..460bcc83e 100644
--- a/json/apr_json_decode.c
+++ b/json/apr_json_decode.c
@@ -386,6 +386,10 @@ static apr_status_t apr_json_decode_array(apr_json_scanner_t * self,
             break;
         }
 
+        if (count >= APR_INT32_MAX) {
+            return APR_ENOSPC;
+        }
+
         if (APR_SUCCESS != (status = apr_json_decode_value(self, &element))) {
             return status;
         }
@@ -394,7 +398,6 @@ static apr_status_t apr_json_decode_array(apr_json_scanner_t * self,
                 != (status = apr_json_array_add(array, element))) {
             return status;
         }
-
         count++;
 
         if (self->p == self->e) {