cJSON

mirror of Dave's cJSON
git clone git://git.thc420.xyz/cJSON
Log | Files | Refs | README | LICENSE

commit be749d7efa7c9021da746e685bd6dec79f9dd99b
parent cb1df2f88c0d335e031ade0d52fd6a59528c622f
Author: Max Bruckner <max@maxbruckner.de>
Date:   Sun, 16 Dec 2018 11:06:40 +0100

Fix crash of cJSON_GetObjectItemCaseSensitive when calling it on arrays

Diffstat:
McJSON.c | 6+++++-
Mtests/misc_tests.c | 24++++++++++++++++++++++++
2 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/cJSON.c b/cJSON.c @@ -1781,7 +1781,7 @@ static cJSON *get_object_item(const cJSON * const object, const char * const nam current_element = object->child; if (case_sensitive) { - while ((current_element != NULL) && (strcmp(name, current_element->string) != 0)) + while ((current_element != NULL) && (current_element->string != NULL) && (strcmp(name, current_element->string) != 0)) { current_element = current_element->next; } @@ -1794,6 +1794,10 @@ static cJSON *get_object_item(const cJSON * const object, const char * const nam } } + if ((current_element == NULL) || (current_element->string == NULL)) { + return NULL; + } + return current_element; } diff --git a/tests/misc_tests.c b/tests/misc_tests.c @@ -127,6 +127,28 @@ static void cjson_get_object_item_case_sensitive_should_get_object_items(void) cJSON_Delete(item); } +static void cjson_get_object_item_should_not_crash_with_array(void) { + cJSON *array = NULL; + cJSON *found = NULL; + array = cJSON_Parse("[1]"); + + found = cJSON_GetObjectItem(array, "name"); + TEST_ASSERT_NULL(found); + + cJSON_Delete(array); +} + +static void cjson_get_object_item_case_sensitive_should_not_crash_with_array(void) { + cJSON *array = NULL; + cJSON *found = NULL; + array = cJSON_Parse("[1]"); + + found = cJSON_GetObjectItemCaseSensitive(array, "name"); + TEST_ASSERT_NULL(found); + + cJSON_Delete(array); +} + static void typecheck_functions_should_check_type(void) { cJSON invalid[1]; @@ -535,6 +557,8 @@ int CJSON_CDECL main(void) RUN_TEST(cjson_array_foreach_should_not_dereference_null_pointer); RUN_TEST(cjson_get_object_item_should_get_object_items); RUN_TEST(cjson_get_object_item_case_sensitive_should_get_object_items); + RUN_TEST(cjson_get_object_item_should_not_crash_with_array); + RUN_TEST(cjson_get_object_item_case_sensitive_should_not_crash_with_array); RUN_TEST(typecheck_functions_should_check_type); RUN_TEST(cjson_should_not_parse_to_deeply_nested_jsons); RUN_TEST(cjson_set_number_value_should_set_numbers);