[sr-dev] git:master:678b1a68: core: srjson - init vars and check scanned values

Mon, 18 Dec 2023 03:33:34 -0800 

Module: kamailio
Branch: master
Commit: 678b1a68de86d9539adeaf0262d9735b8d435077
URL: 
https://github.com/kamailio/kamailio/commit/678b1a68de86d9539adeaf0262d9735b8d435077

Author: Daniel-Constantin Mierla <[email protected]>
Committer: Daniel-Constantin Mierla <[email protected]>
Date: 2023-12-18T12:04:10+01:00

core: srjson - init vars and check scanned values

---

Modified: src/core/utils/srjson.c

---

Diff:  
https://github.com/kamailio/kamailio/commit/678b1a68de86d9539adeaf0262d9735b8d435077.diff
Patch: 
https://github.com/kamailio/kamailio/commit/678b1a68de86d9539adeaf0262d9735b8d435077.patch

---

diff --git a/src/core/utils/srjson.c b/src/core/utils/srjson.c
index 5960932f545..f339230232a 100644
--- a/src/core/utils/srjson.c
+++ b/src/core/utils/srjson.c
@@ -272,7 +272,10 @@ static const char *parse_string(
                                        *ptr2++ = '\t';
                                        break;
                                case 'u': /* transcode utf16 to utf8. */
-                                       sscanf(ptr + 1, "%4x", &uc);
+                                       uc = 0;
+                                       if(sscanf(ptr + 1, "%4x", &uc) < 1) {
+                                               break;
+                                       }
                                        ptr += 4; /* get the unicode char. */
 
                                        if((uc >= 0xDC00 && uc <= 0xDFFF) || uc 
== 0)
@@ -283,8 +286,11 @@ static const char *parse_string(
                                        {
                                                if(ptr[1] != '\\' || ptr[2] != 
'u')
                                                        break;
+                                               uc2 = 0;
                                                //missing second - half of 
surrogate.
-                                               sscanf(ptr + 3, "%4x", &uc2);
+                                               if(sscanf(ptr + 3, "%4x", &uc2) 
< 1) {
+                                                       break;
+                                               }
                                                ptr += 6;
                                                if(uc2 < 0xDC00 || uc2 > 0xDFFF)
                                                        break;

_______________________________________________
Kamailio (SER) - Development Mailing List
To unsubscribe send an email to [email protected]

Reply via email to