open-source-parsers/jsoncpp
1
0
Fork 0
mirror of https://github.com/open-source-parsers/jsoncpp.git synced 2025-10-22 08:20:47 +08:00
Code Issues Releases Wiki Activity

Made two security fixes.

Browse Source
This commit is contained in:
Aaron Jacobs
2011-05-24 00:43:59 +00:00
parent 785ba2675d
commit a77a803c85
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/lib_json/json_reader.cpp
View File

@@ -611,6 +611,11 @@ Reader::decodeDouble( Token &token )
int count;
int length = int(token.end_ - token.start_);
// Sanity check to avoid buffer overflow exploits.
if (length < 0) {
return addError( "Unable to parse token length", token );
}
// Avoid using a string constant for the format control string given to
// sscanf, as this can cause hard to debug crashes on OS X. See here for more
// info: