From 6ccdcd9afd03d79414335275ba78e8bb36fc194a Mon Sep 17 00:00:00 2001 From: liuyuxiu <1175395694@qq.com> Date: Thu, 5 Jun 2025 14:54:18 +0800 Subject: [PATCH 1/3] bug fix Signed-off-by: liuyuxiu <1175395694@qq.com> --- tests/parse_examples.c | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tests/parse_examples.c b/tests/parse_examples.c index 95a0959..d35d6cf 100644 --- a/tests/parse_examples.c +++ b/tests/parse_examples.c @@ -250,6 +250,33 @@ static void test14_should_not_be_parsed(void) } } +/* Address Sanitizer */ +static void test15_should_not_heap_buffer_overflow(void) +{ + const char *strings[] = { + "{\"1\":1,", + "{\"1\":1, ", + }; + + size_t i; + + for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i+=1) + { + const char *json_string = strings[i]; + size_t len = strlen(json_string); + cJSON *json = NULL; + + char *exact_size_heap = (char*)malloc(len); + TEST_ASSERT_NOT_NULL(exact_size_heap); + + memcpy(exact_size_heap, json_string, len); + json = cJSON_ParseWithLength(exact_size_heap, len); + + cJSON_Delete(json); + free(exact_size_heap); + } +} + int CJSON_CDECL main(void) { UNITY_BEGIN(); @@ -267,5 +294,6 @@ int CJSON_CDECL main(void) RUN_TEST(test12_should_not_be_parsed); RUN_TEST(test13_should_be_parsed_without_null_termination); RUN_TEST(test14_should_not_be_parsed); + RUN_TEST(test15_should_not_heap_buffer_overflow); return UNITY_END(); } -- Gitee From 514f53655d34c1b7ad127427d228bbec1f71270d Mon Sep 17 00:00:00 2001 From: liuyuxiu <1175395694@qq.com> Date: Tue, 10 Jun 2025 15:39:04 +0800 Subject: [PATCH 2/3] bugfix Signed-off-by: liuyuxiu <1175395694@qq.com> --- cJSON.c | 1 - 1 file changed, 1 deletion(-) diff --git a/cJSON.c b/cJSON.c index d8ce5df..f258360 100644 --- a/cJSON.c +++ b/cJSON.c @@ -378,7 +378,6 @@ loop_end: } } } - number_c_string[i] = '\0'; number = strtod((const char*)number_c_string, (char**)&after_end); if (number_c_string == after_end) -- Gitee From e5cc5dd84a7e1c227fe46adf559b7fef4d5dc1aa Mon Sep 17 00:00:00 2001 From: liuyuxiu Date: Tue, 10 Jun 2025 11:31:58 +0000 Subject: [PATCH 3/3] update tests/parse_examples.c. Signed-off-by: liuyuxiu --- tests/parse_examples.c | 28 ---------------------------- 1 file changed, 28 deletions(-) diff --git a/tests/parse_examples.c b/tests/parse_examples.c index d35d6cf..95a0959 100644 --- a/tests/parse_examples.c +++ b/tests/parse_examples.c @@ -250,33 +250,6 @@ static void test14_should_not_be_parsed(void) } } -/* Address Sanitizer */ -static void test15_should_not_heap_buffer_overflow(void) -{ - const char *strings[] = { - "{\"1\":1,", - "{\"1\":1, ", - }; - - size_t i; - - for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i+=1) - { - const char *json_string = strings[i]; - size_t len = strlen(json_string); - cJSON *json = NULL; - - char *exact_size_heap = (char*)malloc(len); - TEST_ASSERT_NOT_NULL(exact_size_heap); - - memcpy(exact_size_heap, json_string, len); - json = cJSON_ParseWithLength(exact_size_heap, len); - - cJSON_Delete(json); - free(exact_size_heap); - } -} - int CJSON_CDECL main(void) { UNITY_BEGIN(); @@ -294,6 +267,5 @@ int CJSON_CDECL main(void) RUN_TEST(test12_should_not_be_parsed); RUN_TEST(test13_should_be_parsed_without_null_termination); RUN_TEST(test14_should_not_be_parsed); - RUN_TEST(test15_should_not_heap_buffer_overflow); return UNITY_END(); } -- Gitee