mirror/json-c
1
0
Fork 0
mirror of https://github.com/json-c/json-c.git synced 2026-03-29 01:49:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix: OOM vulnerability cause by is_valid_index

Browse Source 
An OOM vulnerability exists in the json_pointer_set function (and related functions).
See issue #916 for more details.

To fix that, added a sanity check in the is_valid_index function to limit the maximum value of a parsed array index.
Provided a configurable macro for modification.

Signed-off-by: lone <lonechan314@qq.com>
This commit is contained in:
lone
2026-01-25 23:54:27 +08:00
parent d05ea4851f
commit 3d86402028
2 changed files with 18 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
json_pointer.h
View File

@@ -20,6 +20,14 @@
extern "C" {
#endif
/**
* Maximum array index for JSON Pointer, preventing excessive memory allocations.
* The default value is 10,000,000.
*/
#ifndef JSON_C_POINTER_MAX_ARRAY_IDX
#define JSON_C_POINTER_MAX_ARRAY_IDX 10000000
#endif
/**
* Retrieves a JSON sub-object from inside another JSON object
* using the JSON pointer notation as defined in RFC 6901