From 8a8d7f323f1d0b5e87c9cc6742615b00061dcc74 Mon Sep 17 00:00:00 2001
From: "@ran-zhao-yu" <ranzhaoyu1@huawei.com>
Date: Tue, 8 Oct 2024 12:11:20 +0800
Subject: [PATCH] fix out-of-bounds read

Signed-off-by: @ran-zhao-yu <ranzhaoyu1@huawei.com>
---
 Fix out-of-bounds read.patch | 21 +++++++++++++++++++++
 install.py                   |  3 ++-
 2 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 Fix out-of-bounds read.patch

diff --git a/Fix out-of-bounds read.patch b/Fix out-of-bounds read.patch
new file mode 100644
index 0000000..6d97931
--- /dev/null
+++ b/Fix out-of-bounds read.patch	
@@ -0,0 +1,21 @@
+diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
+--- a/src/lib_json/json_reader.cpp
++++ b/src/lib_json/json_reader.cpp
+@@ -773,7 +773,7 @@
+   while (current < location && current != end_) {
+     Char c = *current++;
+     if (c == '\r') {
+-      if (*current == '\n')
++      if (current != end_ && *current == '\n')
+         ++current;
+       lastLineStart = current;
+       ++line;
+@@ -1826,7 +1826,7 @@
+   while (current < location && current != end_) {
+     Char c = *current++;
+     if (c == '\r') {
+-      if (*current == '\n')
++      if (current != end_ && *current == '\n')
+         ++current;
+       lastLineStart = current;
+       ++line;
diff --git a/install.py b/install.py
index 129700f..31c7ad4 100755
--- a/install.py
+++ b/install.py
@@ -50,7 +50,8 @@ def do_patch(args, target_dir):
     patch_file = [
         "Fix error whenparses the value of 5E-324 with libc++.patch",
         "0001-Parse-large-floats-as-infinity-1349-1353.patch",
-        "0001-Use-default-rather-than-hard-coded-8-for-maximum-agg.patch"
+        "0001-Use-default-rather-than-hard-coded-8-for-maximum-agg.patch",
+        "Fix out-of-bounds read.patch"
     ]
 
     for patch in patch_file:
-- 
Gitee