mirror/ultrajson
1
0
Fork 0
mirror of https://github.com/ultrajson/ultrajson.git synced 2024-11-23 16:42:10 +01:00
Code Issues

Added memory (re)allocation checks.

Browse Source 
- Guards against memory alloc size overflow.
 - Memory leak on failed reallocation.
This commit is contained in:
Mikhail Sychev 2013-05-14 15:54:35 -07:00
parent 82861c94d5
commit 0acd21cb84
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
lib/ultrajsondec.c
View File

@ -455,22 +455,32 @@ FASTCALL_ATTR JSOBJ FASTCALL_MSVC decode_string ( struct DecoderState *ds)
if (ds->escHeap)
{
ds->escStart = (wchar_t *) ds->dec->realloc (ds->escStart, newSize * sizeof(wchar_t));
if (!ds->escStart)
if (newSize > (UINT_MAX / sizeof(wchar_t)))
{
return SetError(ds, -1, "Could not reserve memory block");
}
wchar_t *escStart = (wchar_t *)ds->dec->realloc(ds->escStart, newSize * sizeof(wchar_t));
if (!escStart)
{
ds->dec->free(ds->escStart);
return SetError(ds, -1, "Could not reserve memory block");
}
ds->escStart = escStart;
}
else
{
wchar_t *oldStart = ds->escStart;
ds->escHeap = 1;
ds->escStart = (wchar_t *) ds->dec->malloc (newSize * sizeof(wchar_t));
if (newSize > (UINT_MAX / sizeof(wchar_t)))
{
return SetError(ds, -1, "Could not reserve memory block");
}
ds->escStart = (wchar_t *) ds->dec->malloc(newSize * sizeof(wchar_t));
if (!ds->escStart)
{
return SetError(ds, -1, "Could not reserve memory block");
}
memcpy (ds->escStart, oldStart, escLen * sizeof(wchar_t));
memcpy(ds->escStart, oldStart, escLen * sizeof(wchar_t));
}
ds->escEnd = ds->escStart + newSize;