🚑 fix to address #389
This commit is contained in:
parent
447e01427d
commit
79fa8b2f41
3 changed files with 49 additions and 2 deletions
15
src/json.hpp
15
src/json.hpp
|
@ -10643,8 +10643,23 @@ basic_json_parser_66:
|
||||||
}
|
}
|
||||||
else if (type == value_t::number_integer)
|
else if (type == value_t::number_integer)
|
||||||
{
|
{
|
||||||
|
// invariant: if we parsed a '-', the absolute value is between
|
||||||
|
// 0 (we allow -0) and max == -INT64_MIN
|
||||||
|
assert(value >= 0);
|
||||||
|
assert(value <= max);
|
||||||
|
|
||||||
|
if (value == max)
|
||||||
|
{
|
||||||
|
// we cannot simply negate value (== max == -INT64_MIN),
|
||||||
|
// see https://github.com/nlohmann/json/issues/389
|
||||||
|
result.m_value.number_integer = INT64_MIN;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// all other values can be negated safely
|
||||||
result.m_value.number_integer = -static_cast<number_integer_t>(value);
|
result.m_value.number_integer = -static_cast<number_integer_t>(value);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
// parse with strtod
|
// parse with strtod
|
||||||
|
|
|
@ -9793,8 +9793,23 @@ class basic_json
|
||||||
}
|
}
|
||||||
else if (type == value_t::number_integer)
|
else if (type == value_t::number_integer)
|
||||||
{
|
{
|
||||||
|
// invariant: if we parsed a '-', the absolute value is between
|
||||||
|
// 0 (we allow -0) and max == -INT64_MIN
|
||||||
|
assert(value >= 0);
|
||||||
|
assert(value <= max);
|
||||||
|
|
||||||
|
if (value == max)
|
||||||
|
{
|
||||||
|
// we cannot simply negate value (== max == -INT64_MIN),
|
||||||
|
// see https://github.com/nlohmann/json/issues/389
|
||||||
|
result.m_value.number_integer = INT64_MIN;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
// all other values can be negated safely
|
||||||
result.m_value.number_integer = -static_cast<number_integer_t>(value);
|
result.m_value.number_integer = -static_cast<number_integer_t>(value);
|
||||||
}
|
}
|
||||||
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
// parse with strtod
|
// parse with strtod
|
||||||
|
|
|
@ -516,4 +516,21 @@ TEST_CASE("regression tests")
|
||||||
CHECK_THROWS_AS(j << ss, std::invalid_argument);
|
CHECK_THROWS_AS(j << ss, std::invalid_argument);
|
||||||
CHECK_THROWS_WITH(j << ss, "parse error - unexpected end of input");
|
CHECK_THROWS_WITH(j << ss, "parse error - unexpected end of input");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
SECTION("issue #389 - Integer-overflow (OSS-Fuzz issue 267)")
|
||||||
|
{
|
||||||
|
// original test case
|
||||||
|
json j1 = json::parse("-9223372036854775808");
|
||||||
|
CHECK(j1.is_number_integer());
|
||||||
|
CHECK(j1.get<json::number_integer_t>() == INT64_MIN);
|
||||||
|
|
||||||
|
// edge case (+1; still an integer)
|
||||||
|
json j2 = json::parse("-9223372036854775807");
|
||||||
|
CHECK(j2.is_number_integer());
|
||||||
|
CHECK(j2.get<json::number_integer_t>() == INT64_MIN + 1);
|
||||||
|
|
||||||
|
// edge case (-1; overflow -> floats)
|
||||||
|
json j3 = json::parse("-9223372036854775809");
|
||||||
|
CHECK(j3.is_number_float());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue