lib/json
1
0
Fork 0
mirror of https://github.com/nlohmann/json.git synced 2025-07-19 17:03:16 +03:00
Code Activity

🚑 fix for #405

Browse Source
This commit is contained in:
Niels Lohmann
2016-12-29 15:39:16 +01:00
parent 8381cd6020
commit 871cebaf84
3 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/json.hpp
View File

@ -6871,6 +6871,12 @@ class basic_json
{ {
throw std::out_of_range("len+offset out of range"); throw std::out_of_range("len+offset out of range");
} }
// last case: reading past the end of the vector
if (len + offset > size)
{
throw std::out_of_range("len+offset out of range");
}
} }
/*! /*!

6
src/json.hpp.re2c
View File

@ -6871,6 +6871,12 @@ class basic_json
{ {
throw std::out_of_range("len+offset out of range"); throw std::out_of_range("len+offset out of range");
} }
// last case: reading past the end of the vector
if (len + offset > size)
{
throw std::out_of_range("len+offset out of range");
}
} }
/*! /*!

7
test/src/unit-regression.cpp
View File

@ -540,4 +540,11 @@ TEST_CASE("regression tests")
CHECK(j.is_number_float()); CHECK(j.is_number_float());
CHECK(j.dump() == "1.66020696663386e+20"); CHECK(j.dump() == "1.66020696663386e+20");
} }
SECTION("issue #405 - Heap-buffer-overflow (OSS-Fuzz issue 342)")
{
// original test case
std::vector<uint8_t> vec {0x65, 0xf5, 0x0a, 0x48, 0x21};
CHECK_THROWS_AS(json::from_cbor(vec), std::out_of_range);
}
} }