jdk-build-libs
/
json-c
Not watched
1
0
Fork 0
Code
Releases 11 Wiki evaluate Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain HPC
Browse Source

Fix use-after-free in json_tokener_new_ex() 

The failure path taken in the event of printbuf_new() returning NULL
calls free() on tok->stack after already having freed tok. Swap the
order of the two calls to fix an obvious memory access violation.

Fixes: bcb6d7d347 ("Handle allocation failure in json_tokener_new_ex")
Signed-off-by: Juuso Alasuutari <juuso.alasuutari@gmail.com>
tags/json-c-0.16-20220414
Juuso Alasuutari 4 years ago
parent
dc1ef7d566
commit
9361d8d3a8
1 changed files with 1 additions and 1 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      json_tokener.c

+ 1
- 1
json_tokener.c View File

@@ -164,8 +164,8 @@ struct json_tokener *json_tokener_new_ex(int depth)
tok->pb = printbuf_new();
if (!tok->pb)
{
free(tok);
free(tok->stack);
free(tok);
return NULL;
}
tok->max_depth = depth;


Write Preview
Loading…
Cancel
Save