cJSON

mirror of Dave's cJSON
git clone git://git.thc420.xyz/cJSON
Log | Files | Refs | README | LICENSE

commit e58f7ec027d00b7cdcbf63e518c1b5268b29b3da
parent 4bfb88009342fb568295a7f6dc4b7fee74fbf022
Author: Max Bruckner <max@maxbruckner.de>
Date:   Thu, 23 Mar 2017 20:26:29 +0100

ensure: Fix potential overflow of size_t

This could only happen if the maximum SIZE_T is not at least 2 times
bigger than INT_MAX. Not sure if this can happen on real systems, but
better be safe then sorry.

Diffstat:
McJSON.c | 7+++++--
1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cJSON.c b/cJSON.c @@ -270,8 +270,7 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna } /* calculate new buffer size */ - newsize = needed * 2; - if (newsize > INT_MAX) + if (newsize > (INT_MAX / 2)) { /* overflow of int, use INT_MAX if possible */ if (needed <= INT_MAX) @@ -283,6 +282,10 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna return NULL; } } + else + { + newsize = needed * 2; + } if (hooks->reallocate != NULL) {