From 6bbc217fc721b3b78ee7911e5267b40984943f4c Mon Sep 17 00:00:00 2001
From: Ian Cordasco
Date: Sat, 13 May 2017 18:27:08 -0500
Subject: Fix unitialized value crash found by OSS Fuzz Google's OSS Fuzz project found input for libyaml that was capable of triggering an uninitialized value crash. Patch provided by Alex Gaynor
---
 src/scanner.c | 5 +++++
 1 file changed, 5 insertions(+) (limited to 'src')
diff --git a/src/scanner.c b/src/scanner.c
index 1189d9d..8e2334f 100644
--- a/src/scanner.c
+++ b/src/scanner.c
@@ -3284,6 +3284,11 @@ yaml_parser_scan_flow_scalar(yaml_parser_t *parser, yaml_token_t *token,
 /* Check if we are at the end of the scalar. */
+ /* Fix for crash unitialized value crash
+ * Credit for the bug and input is to OSS Fuzz
+ * Credit for the fix to Alex Gaynor
+ */
+ if (!CACHE(parser, 1)) goto error;
 if (CHECK(parser->buffer, single ? '\'' : '"'))
 break;
--
cgit v1.2.1
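Review bot: The comment added above `if (!CACHE(parser, 1)) goto error;` lists credits and says "crash" twice but never states what the guard protects, so a later reader cannot tell why it must stay in front of the `CHECK(parser->buffer, ...)` call; the credits are already in the commit message. I would replace it with `/* Make sure at least one character is buffered before CHECK reads parser->buffer. */`, assuming CACHE(parser, 1) means "ensure one character is available", which is how this hunk uses it. The diffstat shows only src/scanner.c changed, so the OSS-Fuzz input is not kept as a regression test; adding it to the test inputs would stop the uninitialized read from returning unnoticed. yaml_parser_scan_flow_scalar starts and ends outside the hunk, so whether the other CHECK sites in the same loop are each preceded by a CACHE call cannot be confirmed from here and is worth checking.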