🐛 fixing #575

I forgot to consider the offset.
Niels Lohmann 2017-05-07 13:41:48 +02:00
parent 56ac7908f1
commit fba1bcdd0b
No known key found for this signature in database
GPG key ID: 7F3CEA63AE251B69
2 changed files with 7 additions and 1 deletions


@ -8915,7 +8915,7 @@ class basic_json
{ {
// avoid reading too many characters // avoid reading too many characters
const size_t max_length = static_cast<size_t>(limit - start); const size_t max_length = static_cast<size_t>(limit - start);
return std::string(start + offset, std::min({length, max_length})); return std::string(start + offset, std::min({length, max_length - offset}));
} }
private: private:
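Review bot: `max_length - offset` on the new return line is an unsigned subtraction, so if `offset` can ever exceed `max_length` it wraps to a huge value, `std::min` falls back to `length`, and `start + offset` already points past `limit`. Whether callers guarantee `offset <= limit - start` cannot be seen here, because the function's signature and call sites lie outside the hunk. I would make the bound explicit with `const size_t avail = (offset < max_length) ? max_length - offset : 0;` and `return std::string(start + std::min(offset, max_length), std::min(length, avail));`, or at minimum put `assert(offset <= max_length);` above the return.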


@ -1010,4 +1010,10 @@ TEST_CASE("regression tests")
CHECK(not(6 <= j["a"])); CHECK(not(6 <= j["a"]));
CHECK(not(6 < j["a"])); CHECK(not(6 < j["a"]));
} }
SECTION("issue #575 - heap-buffer-overflow (OSS-Fuzz 1400)")
{
std::vector<uint8_t> vec = {'"', '\\', '"', 'X', '"', '"'};
CHECK_THROWS_AS(json::parse(vec), json::parse_error);
}
} }
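Review bot: The new section asserts only the exception type, and an out-of-bounds read does not by itself change which exception is thrown, so this case presumably passes on the unfixed code unless the suite runs under ASan or Valgrind. I would state that dependency above the vector, `// catches the overread only in a sanitizer/Valgrind build; the exception type alone does not prove the fix`. If the overread affected the text of the error, pinning the message with `CHECK_THROWS_WITH` would make the regression visible in a plain build as well.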