🚑 fix to address #389
This commit is contained in:
parent
447e01427d
commit
79fa8b2f41
3 changed files with 49 additions and 2 deletions
15
src/json.hpp
15
src/json.hpp
|
@ -10643,8 +10643,23 @@ basic_json_parser_66:
|
|||
}
|
||||
else if (type == value_t::number_integer)
|
||||
{
|
||||
// invariant: if we parsed a '-', the absolute value is between
|
||||
// 0 (we allow -0) and max == -INT64_MIN
|
||||
assert(value >= 0);
|
||||
assert(value <= max);
|
||||
|
||||
if (value == max)
|
||||
{
|
||||
// we cannot simply negate value (== max == -INT64_MIN),
|
||||
// see https://github.com/nlohmann/json/issues/389
|
||||
result.m_value.number_integer = INT64_MIN;
|
||||
}
|
||||
else
|
||||
{
|
||||
// all other values can be negated safely
|
||||
result.m_value.number_integer = -static_cast<number_integer_t>(value);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// parse with strtod
|
||||
|
|
|
@ -9793,8 +9793,23 @@ class basic_json
|
|||
}
|
||||
else if (type == value_t::number_integer)
|
||||
{
|
||||
// invariant: if we parsed a '-', the absolute value is between
|
||||
// 0 (we allow -0) and max == -INT64_MIN
|
||||
assert(value >= 0);
|
||||
assert(value <= max);
|
||||
|
||||
if (value == max)
|
||||
{
|
||||
// we cannot simply negate value (== max == -INT64_MIN),
|
||||
// see https://github.com/nlohmann/json/issues/389
|
||||
result.m_value.number_integer = INT64_MIN;
|
||||
}
|
||||
else
|
||||
{
|
||||
// all other values can be negated safely
|
||||
result.m_value.number_integer = -static_cast<number_integer_t>(value);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
// parse with strtod
|
||||
|
|
|
@ -516,4 +516,21 @@ TEST_CASE("regression tests")
|
|||
CHECK_THROWS_AS(j << ss, std::invalid_argument);
|
||||
CHECK_THROWS_WITH(j << ss, "parse error - unexpected end of input");
|
||||
}
|
||||
|
||||
SECTION("issue #389 - Integer-overflow (OSS-Fuzz issue 267)")
|
||||
{
|
||||
// original test case
|
||||
json j1 = json::parse("-9223372036854775808");
|
||||
CHECK(j1.is_number_integer());
|
||||
CHECK(j1.get<json::number_integer_t>() == INT64_MIN);
|
||||
|
||||
// edge case (+1; still an integer)
|
||||
json j2 = json::parse("-9223372036854775807");
|
||||
CHECK(j2.is_number_integer());
|
||||
CHECK(j2.get<json::number_integer_t>() == INT64_MIN + 1);
|
||||
|
||||
// edge case (-1; overflow -> floats)
|
||||
json j3 = json::parse("-9223372036854775809");
|
||||
CHECK(j3.is_number_float());
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue