This repository has been archived by the owner on Feb 26, 2020. It is now read-only.

BUG: no memory allocation check #9

Open
bpintea opened this issue Jan 29, 2018 · 1 comment

Comments


bpintea commented Jan 29, 2018

In case of a NULL hf parameter, UJDecode will allocate an initial heap (initialHeap) and start deref'ing it with no check of allocation result.


bpintea commented Feb 19, 2018

FWIW, here's a patch.

@@ -788,6 +789,11 @@ UJObject UJDecode(const char *input, size_t cbInput, UJHeapFuncs *hf, void **out
 		decoder.realloc = realloc;
 		cbInitialHeap = 16384;
 		initialHeap = malloc(cbInitialHeap);
+
+		if (initialHeap == NULL)
+		{
+			return NULL;
+		}
 	}
 	else
 	{
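
Review bot: the early `return NULL;` under the new `if (initialHeap == NULL)` check leaves the function before anything is written through the output pointer argument that appears (truncated) in the hunk header as `void **out`. Unless that argument is cleared earlier in UJDecode, a caller that inspects or frees it after a failed decode reads an indeterminate value, so consider setting it to NULL (when the pointer itself is non-NULL) before returning. A bare NULL return also gives the caller no way to tell an allocation failure from a parse failure from these lines alone; recording an error before returning would make the two distinguishable. The `else` branch that follows is outside this hunk: if it can end up with a NULL initialHeap from a caller-supplied hf, it needs the same guard.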

bpintea added a commit to elastic/elasticsearch-sql-odbc that referenced this issue Feb 19, 2018
- fix a bug in UJObjectUnpack() function with assignment of output
  parameters ( esnme/ujson4c#10 )
- fix a bug in UUJDecod() function with un-checked mem allocation
  ( esnme/ujson4c#9 )
bpintea added a commit to elastic/elasticsearch-sql-odbc that referenced this issue Jun 4, 2018
- fix a bug in UJObjectUnpack() function with assignment of output
  parameters ( esnme/ujson4c#10 )
- fix a bug in UUJDecod() function with un-checked mem allocation
  ( esnme/ujson4c#9 )