The data structures linkhash and printbuf are limited to 2 GB in size
due to a signed integer being used to track their current size.
If too much data is added, then size variable can overflow, which is
an undefined behaviour in C programming language.
Assuming that a signed int overflow just leads to a negative value,
like it happens on many sytems (Linux i686/amd64 with gcc), then
printbuf is vulnerable to an out of boundary write on 64 bit systems.
It's possible (e.g. by using json_object_from_file() on an empty file)
to get json-c to try to use a printbuf that has never had anything
written to it. Before this change, it could access a string that
should be length zero, but was never initialized, and could
theoretically have an unexpected string.
omit the range check during parsing since we already have the checks when
accessing the value. There is no longer a json_type_int64, only json_type_int.
Fix some problems with parsing 0 and -0 values, and add a couple of tests.
Fix some minor compile issues on HPUX environments.
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@60 327403b1-1117-474d-bef2-5cb71233fd97
Fix any noticeable spelling or grammar errors.
Make sure every va_start has a va_end.
Check all pointers for validity.
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@41 327403b1-1117-474d-bef2-5cb71233fd97
* Add casts from void* to type of assignment when using malloc
* Add #ifdef __cplusplus guards to all of the headers
* Add typedefs for json_object, json_tokener, array_list, printbuf, lh_table
Michael Clark, <michael@metaparadigm.com>
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@33 327403b1-1117-474d-bef2-5cb71233fd97
* Add ifdef C++ extern "C" to headers
* Use simpler definition of min and max in bits.h
Larry Lansing, llansing at fuzzynerd dot com
* Remove automake 1.6 requirement
* Move autogen commands into autogen.sh. Update README
* Remove error pointer special case for Windows
* Change license from LGPL to MIT
Michael Clark <michael@metaparadigm.com>
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@10 327403b1-1117-474d-bef2-5cb71233fd97
Added a Win32/Win64 compliant implementation of vasprintf
* debug.c - C. Watford (christopher dot watford at gmail dot com)
Removed usage of vsyslog on Win32/Win64 systems, needs to be handled
by a configure script
* json_object.c - C. Watford (christopher dot watford at gmail dot com)
Added scope operator to wrap usage of json_object_object_foreach, this
needs to be rethought to be more ANSI C friendly
* json_object.h - C. Watford (christopher dot watford at gmail dot com)
Added Microsoft C friendly version of json_object_object_foreach
* json_tokener.c - C. Watford (christopher dot watford at gmail dot com)
Added a Win32/Win64 compliant implementation of strndup
* json_util.c - C. Watford (christopher dot watford at gmail dot com)
Added cast and mask to suffice size_t v. unsigned int conversion
correctness
* json_tokener.c - sign reversal issue on error info for nested object parse
spotted by Johan Bj�rklund (johbjo09 at kth.se)
* json_object.c - escape " in json_escape_str
* Change to automake and libtool to build shared and static library
Michael Clark <michael@metaparadigm.com>
git-svn-id: http://svn.metaparadigm.com/svn/json-c/trunk@4 327403b1-1117-474d-bef2-5cb71233fd97
