Fix a potential problem RCStr access on a JsonString object that is not

really and RCStr. Fuzzer/UBSAN find. FossilOrigin-Name: d2f2174ce2cc89606034e158149a2d05fc3627ec4d5cdb772add7a2250f29d78
2025-11-09 14:21:03 +03:00 · 2023-12-08 14:54:22 +00:00
parent 9d2446dc13
commit 2a27be2107
3 changed files with 9 additions and 9 deletions
--- a/src/json.c
+++ b/src/json.c
@@ -4115,7 +4115,7 @@ static void jsonArrayCompute(sqlite3_context *ctx, int isFinal){
    }else if( flags & JSON_BLOB ){
      jsonReturnStringAsBlob(pStr);
      if( isFinal ){
-        sqlite3RCStrUnref(pStr->zBuf);
+        if( !pStr->bStatic ) sqlite3RCStrUnref(pStr->zBuf);
      }else{
        pStr->nUsed--;
      }
@@ -4235,7 +4235,7 @@ static void jsonObjectCompute(sqlite3_context *ctx, int isFinal){
    }else if( flags & JSON_BLOB ){
      jsonReturnStringAsBlob(pStr);
      if( isFinal ){
-        sqlite3RCStrUnref(pStr->zBuf);
+        if( !pStr->bStatic ) sqlite3RCStrUnref(pStr->zBuf);
      }else{
        pStr->nUsed--;
      }