🐛 fixed integer overflow in dump function #1447

Closes #1447.
This commit is contained in:
Niels Lohmann 2019-01-20 12:26:01 +01:00
parent e17e0d031f
commit 6de4df23e4
No known key found for this signature in database
GPG key ID: 7F3CEA63AE251B69
3 changed files with 11 additions and 4 deletions

View file

@ -620,7 +620,7 @@ class serializer
if (is_negative) if (is_negative)
{ {
*buffer_ptr = '-'; *buffer_ptr = '-';
abs_value = static_cast<number_unsigned_t>(0 - x); abs_value = static_cast<number_unsigned_t>(-1 - x) + 1;
// account one more byte for the minus sign // account one more byte for the minus sign
n_chars = 1 + count_digits(abs_value); n_chars = 1 + count_digits(abs_value);

View file

@ -11510,7 +11510,7 @@ class serializer
if (is_negative) if (is_negative)
{ {
*buffer_ptr = '-'; *buffer_ptr = '-';
abs_value = static_cast<number_unsigned_t>(0 - x); abs_value = static_cast<number_unsigned_t>(-1 - x) + 1;
// account one more byte for the minus sign // account one more byte for the minus sign
n_chars = 1 + count_digits(abs_value); n_chars = 1 + count_digits(abs_value);

View file

@ -1742,7 +1742,8 @@ TEST_CASE("regression tests")
SECTION("test case in issue #1445") SECTION("test case in issue #1445")
{ {
nlohmann::json dump_test; nlohmann::json dump_test;
const int data[] = { const int data[] =
{
109, 108, 103, 125, -122, -53, 115, 109, 108, 103, 125, -122, -53, 115,
18, 3, 0, 102, 19, 1, 15, 18, 3, 0, 102, 19, 1, 15,
-110, 13, -3, -1, -81, 32, 2, -110, 13, -3, -1, -81, 32, 2,
@ -1761,7 +1762,7 @@ TEST_CASE("regression tests")
-54, -28, -26 -54, -28, -26
}; };
std::string s; std::string s;
for (int i=0; i<sizeof(data)/sizeof(int); i++) for (int i = 0; i < sizeof(data) / sizeof(int); i++)
{ {
s += static_cast<char>(data[i]); s += static_cast<char>(data[i]);
} }
@ -1769,6 +1770,12 @@ TEST_CASE("regression tests")
dump_test.dump(-1, ' ', true, nlohmann::json::error_handler_t::replace); dump_test.dump(-1, ' ', true, nlohmann::json::error_handler_t::replace);
} }
} }
SECTION("issue #1447 - Integer Overflow (OSS-Fuzz 12506)")
{
json j = json::parse("[-9223372036854775808]");
CHECK(j.dump() == "[-9223372036854775808]");
}
} }
TEST_CASE("regression tests, exceptions dependent", "[!throws]") TEST_CASE("regression tests, exceptions dependent", "[!throws]")