From 2f6fc7f0f28b4dab68a3d7fcf447beabefd04afb Mon Sep 17 00:00:00 2001 From: mongobaba <66656234+mongobaba@users.noreply.github.com> Date: Thu, 12 Nov 2020 11:46:15 +0800 Subject: [PATCH] fix several null pointer problems on allocation failure (#526) --- cJSON.c | 25 ++++++++++++++++++++---- tests/cjson_add.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 70 insertions(+), 4 deletions(-) diff --git a/cJSON.c b/cJSON.c index 6bc102b..c06279d 100644 --- a/cJSON.c +++ b/cJSON.c @@ -2548,7 +2548,12 @@ CJSON_PUBLIC(cJSON *) cJSON_CreateIntArray(const int *numbers, int count) } a = cJSON_CreateArray(); - for(i = 0; a && (i < (size_t)count); i++) + if (!a) + { + return NULL; + } + + for(i = 0; i < (size_t)count; i++) { n = cJSON_CreateNumber(numbers[i]); if (!n) @@ -2584,8 +2589,12 @@ CJSON_PUBLIC(cJSON *) cJSON_CreateFloatArray(const float *numbers, int count) } a = cJSON_CreateArray(); + if (!a) + { + return NULL; + } - for(i = 0; a && (i < (size_t)count); i++) + for(i = 0; i < (size_t)count; i++) { n = cJSON_CreateNumber((double)numbers[i]); if(!n) @@ -2621,8 +2630,12 @@ CJSON_PUBLIC(cJSON *) cJSON_CreateDoubleArray(const double *numbers, int count) } a = cJSON_CreateArray(); + if (!a) + { + return NULL; + } - for(i = 0;a && (i < (size_t)count); i++) + for(i = 0; i < (size_t)count; i++) { n = cJSON_CreateNumber(numbers[i]); if(!n) @@ -2658,8 +2671,12 @@ CJSON_PUBLIC(cJSON *) cJSON_CreateStringArray(const char *const *strings, int co } a = cJSON_CreateArray(); + if (!a) + { + return NULL; + } - for (i = 0; a && (i < (size_t)count); i++) + for (i = 0; i < (size_t)count; i++) { n = cJSON_CreateString(strings[i]); if(!n) diff --git a/tests/cjson_add.c b/tests/cjson_add.c index 00ffc34..b02f1e2 100644 --- a/tests/cjson_add.c +++ b/tests/cjson_add.c @@ -117,6 +117,50 @@ static void cjson_add_true_should_fail_on_allocation_failure(void) cJSON_Delete(root); } +static void cjson_create_int_array_should_fail_on_allocation_failure(void) +{ + int numbers[] = {1, 2, 3}; + + cJSON_InitHooks(&failing_hooks); + + TEST_ASSERT_NULL(cJSON_CreateIntArray(numbers, 3)); + + cJSON_InitHooks(NULL); +} + +static void cjson_create_float_array_should_fail_on_allocation_failure(void) +{ + float numbers[] = {1.0f, 2.0f, 3.0f}; + + cJSON_InitHooks(&failing_hooks); + + TEST_ASSERT_NULL(cJSON_CreateFloatArray(numbers, 3)); + + cJSON_InitHooks(NULL); +} + +static void cjson_create_double_array_should_fail_on_allocation_failure(void) +{ + double numbers[] = {1.0, 2.0, 3.0}; + + cJSON_InitHooks(&failing_hooks); + + TEST_ASSERT_NULL(cJSON_CreateDoubleArray(numbers, 3)); + + cJSON_InitHooks(NULL); +} + +static void cjson_create_string_array_should_fail_on_allocation_failure(void) +{ + const char* strings[] = {"1", "2", "3"}; + + cJSON_InitHooks(&failing_hooks); + + TEST_ASSERT_NULL(cJSON_CreateStringArray(strings, 3)); + + cJSON_InitHooks(NULL); +} + static void cjson_add_false_should_add_false(void) { cJSON *root = cJSON_CreateObject(); @@ -390,6 +434,11 @@ int CJSON_CDECL main(void) RUN_TEST(cjson_add_true_should_fail_with_null_pointers); RUN_TEST(cjson_add_true_should_fail_on_allocation_failure); + RUN_TEST(cjson_create_int_array_should_fail_on_allocation_failure); + RUN_TEST(cjson_create_float_array_should_fail_on_allocation_failure); + RUN_TEST(cjson_create_double_array_should_fail_on_allocation_failure); + RUN_TEST(cjson_create_string_array_should_fail_on_allocation_failure); + RUN_TEST(cjson_add_false_should_add_false); RUN_TEST(cjson_add_false_should_fail_with_null_pointers); RUN_TEST(cjson_add_false_should_fail_on_allocation_failure);