diff options
| author |  Nikias Bassen | 2022-02-11 19:14:23 +0100 |
|---|---|---|
| committer | Nikias Bassen | 2022-02-11 19:14:23 +0100 |
| commit | 7d2cdc6f378f1d6d5631b7739398dd50bea62663 (patch) | |
| tree | 74cc07e0ccf055583ce48eaaafb8f372e3cdb0c3 /src/jplist.c | |
| parent | c035c6bcea282fb31c08eddae73b16fb8e5543f0 (diff) | |
| download | libplist-7d2cdc6f378f1d6d5631b7739398dd50bea62663.tar.gz libplist-7d2cdc6f378f1d6d5631b7739398dd50bea62663.tar.bz2 | |
jplist: Fix OOB read by using correct bounds check
Credit to OSS-Fuzz
Diffstat (limited to 'src/jplist.c')
| -rw-r--r-- | src/jplist.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/jplist.c b/src/jplist.c index e965870..978c5f9 100644 --- a/src/jplist.c +++ b/src/jplist.c | |||
| @@ -484,7 +484,7 @@ static plist_t parse_primitive(const char* js, jsmntok_info_t* ti, int* index) | |||
| 484 | plist_data_t data = plist_new_plist_data(); | 484 | plist_data_t data = plist_new_plist_data(); |
| 485 | data->type = PLIST_NULL; | 485 | data->type = PLIST_NULL; |
| 486 | val = plist_new_node(data); | 486 | val = plist_new_node(data); |
| 487 | } else if (isdigit(str_val[0]) || (str_val[0] == '-' && str_end > str_val && isdigit(str_val[1]))) { | 487 | } else if (isdigit(str_val[0]) || (str_val[0] == '-' && str_val+1 < str_end && isdigit(str_val[1]))) { |
| 488 | char* endp = (char*)str_val; | 488 | char* endp = (char*)str_val; |
| 489 | int64_t intpart = parse_decimal(str_val, str_end, &endp); | 489 | int64_t intpart = parse_decimal(str_val, str_end, &endp); |
| 490 | if (endp >= str_end) { | 490 | if (endp >= str_end) { |