diff options
| author | Andrew Bromwich <a.bromwich@gmail.com> | 2022-04-20 22:30:35 +1000 |
|---|---|---|
| committer | Andrew Bromwich <a.bromwich@gmail.com> | 2022-04-20 22:30:35 +1000 |
| commit | b59368a8c23976d9e44adc8f8c284fdd954a0d33 (patch) | |
| tree | df9f1fec281b6711552d7f1d7309e22fcf07c72b | |
| parent | 75ada77b9664c1d1f0ae6e210f8db4919849561e (diff) | |
| download | json-b59368a8c23976d9e44adc8f8c284fdd954a0d33.tar.gz | |
Fix parser bug for empty string allocation
When `HAVE_RB_ENC_INTERNED_STR` is enabled it is possible to
pass through a null pointer to `rb_enc_interned_str` resulting
in a segfault
Fixes #495
| -rw-r--r-- | ext/json/ext/parser/parser.c | 8 | ||||
| -rw-r--r-- | ext/json/ext/parser/parser.rl | 8 | ||||
| -rw-r--r-- | tests/json_parser_test.rb | 1 |
3 files changed, 17 insertions, 0 deletions
diff --git a/ext/json/ext/parser/parser.c b/ext/json/ext/parser/parser.c index b7de60d..8b860c4 100644 --- a/ext/json/ext/parser/parser.c +++ b/ext/json/ext/parser/parser.c @@ -2363,9 +2363,17 @@ static VALUE json_string_unescape(char *string, char *stringEnd, int intern, int char buf[4]; if (bufferSize > MAX_STACK_BUFFER_SIZE) { +# ifdef HAVE_RB_ENC_INTERNED_STR + bufferStart = buffer = ALLOC_N(char, bufferSize ? bufferSize : 1); +# else bufferStart = buffer = ALLOC_N(char, bufferSize); +# endif } else { +# ifdef HAVE_RB_ENC_INTERNED_STR + bufferStart = buffer = ALLOCA_N(char, bufferSize ? bufferSize : 1); +# else bufferStart = buffer = ALLOCA_N(char, bufferSize); +# endif } while (pe < stringEnd) { diff --git a/ext/json/ext/parser/parser.rl b/ext/json/ext/parser/parser.rl index 15e6b92..2dee80e 100644 --- a/ext/json/ext/parser/parser.rl +++ b/ext/json/ext/parser/parser.rl @@ -462,9 +462,17 @@ static VALUE json_string_unescape(char *string, char *stringEnd, int intern, int char buf[4]; if (bufferSize > MAX_STACK_BUFFER_SIZE) { +# ifdef HAVE_RB_ENC_INTERNED_STR + bufferStart = buffer = ALLOC_N(char, bufferSize ? bufferSize : 1); +# else bufferStart = buffer = ALLOC_N(char, bufferSize); +# endif } else { +# ifdef HAVE_RB_ENC_INTERNED_STR + bufferStart = buffer = ALLOCA_N(char, bufferSize ? bufferSize : 1); +# else bufferStart = buffer = ALLOCA_N(char, bufferSize); +# endif } while (pe < stringEnd) { diff --git a/tests/json_parser_test.rb b/tests/json_parser_test.rb index dce693e..00b254f 100644 --- a/tests/json_parser_test.rb +++ b/tests/json_parser_test.rb @@ -84,6 +84,7 @@ class JSONParserTest < Test::Unit::TestCase assert_equal({ "a" => 23 }, parse(' { "a" : 23 } ')) assert_equal({ "a" => 0.23 }, parse(' { "a" : 0.23 } ')) assert_equal({ "a" => 0.23 }, parse(' { "a" : 0.23 } ')) + assert_equal({ "" => 123 }, parse('{"":123}')) end def test_parse_numbers |