mirror/cJSON
1
0
Fork 0
mirror of https://github.com/DaveGamble/cJSON.git synced 2023-08-10 21:13:26 +03:00
Code Issues Projects Releases Wiki Activity

ensure: Fix potential overflow of size_t

Browse Source 
This could only happen if the maximum SIZE_T is not at least 2 times
bigger than INT_MAX. Not sure if this can happen on real systems, but
better be safe then sorry.
This commit is contained in:
Max Bruckner 2017-03-23 20:26:29 +01:00
parent 4bfb880093
commit e58f7ec027
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cJSON.c
View File

@ -270,8 +270,7 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna
} }
/* calculate new buffer size */ /* calculate new buffer size */
newsize = needed * 2; if (newsize > (INT_MAX / 2))
if (newsize > INT_MAX)
{ {
/* overflow of int, use INT_MAX if possible */ /* overflow of int, use INT_MAX if possible */
if (needed <= INT_MAX) if (needed <= INT_MAX)
@ -283,6 +282,10 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna
return NULL; return NULL;
} }
} }
else
{
newsize = needed * 2;
}
if (hooks->reallocate != NULL) if (hooks->reallocate != NULL)
{ {