VladPolskiy/MariaDB-open-code
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-08-15 22:37:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

MDEV-31147 json_normalize does not work correctly with MSAN build

Browse Source 
json_normalize_number(): Avoid accessing str past str_len.
The function would seem to work incorrectly when some digits are
not followed by a decimal point (.) or an exponent (E or e).
This commit is contained in:
Marko Mäkelä
2023-04-28 12:15:45 +03:00
parent 5028b7c7c8
commit 7d967423fe
3 changed files with 36 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
strings/json_normalize.c
View File

@ -147,13 +147,16 @@ json_normalize_number(DYNAMIC_STRING *out, const char *str, size_t str_len)
magnitude = (long)(j - 1);
/* skip the . */
if (str[i] == '.')
++i;
if (i < str_len)
{
/* skip the . */
if (str[i] == '.')
++i;
/* grab rest of digits before the E */
for (; i < str_len && str[i] != 'e' && str[i] != 'E'; ++i)
buf[j++] = str[i];
/* grab rest of digits before the E */
for (; i < str_len && str[i] != 'e' && str[i] != 'E'; ++i)
buf[j++] = str[i];
}
/* trim trailing zeros */
for (k = j - 1; k && buf[k] == '0'; --k, --j)
@ -187,7 +190,7 @@ json_normalize_number(DYNAMIC_STRING *out, const char *str, size_t str_len)
err|= dynstr_append_mem(out, STRING_WITH_LEN("E"));
if (str[i] == 'e' || str[i] == 'E')
if (i < str_len && (str[i] == 'e' || str[i] == 'E'))
{
char *endptr = NULL;
/* skip the [eE] */