Permalink
Browse files

fixed segfault when the lib tries to parse HTML with embedded CSS; pr…

…ovided test case
  • Loading branch information...
1 parent e70366a commit 52d7d14f6c42f373fc632cb86e7cc967589448aa @ChristianSch ChristianSch committed Mar 6, 2016
Showing with 37 additions and 2 deletions.
  1. +2 −2 cJSON.c
  2. +19 −0 test.c
  3. +16 −0 tests/test6
View
@@ -660,8 +660,8 @@ static char *print_object(cJSON *item,int depth,int fmt,printbuffer *p)
/* Get Array size/item / object item. */
int cJSON_GetArraySize(cJSON *array) {cJSON *c=array->child;int i=0;while(c)i++,c=c->next;return i;}
-cJSON *cJSON_GetArrayItem(cJSON *array,int item) {cJSON *c=array->child; while (c && item>0) item--,c=c->next; return c;}
-cJSON *cJSON_GetObjectItem(cJSON *object,const char *string) {cJSON *c=object->child; while (c && cJSON_strcasecmp(c->string,string)) c=c->next; return c;}
+cJSON *cJSON_GetArrayItem(cJSON *array,int item) {cJSON *c; if (array == NULL) return NULL; c=array->child; while (c && item>0) item--,c=c->next; return c;}
+cJSON *cJSON_GetObjectItem(cJSON *object,const char *string) {cJSON *c; if (object == NULL) return NULL; c=object->child; while (c && cJSON_strcasecmp(c->string,string)) c=c->next; return c;}
int cJSON_HasObjectItem(cJSON *object,const char *string) {
cJSON *c=object->child;
while (c )
View
@@ -144,19 +144,38 @@ int main (int argc, const char * argv[]) {
char text4[]="{\n \"Image\": {\n \"Width\": 800,\n \"Height\": 600,\n \"Title\": \"View from 15th Floor\",\n \"Thumbnail\": {\n \"Url\": \"http:/*www.example.com/image/481989943\",\n \"Height\": 125,\n \"Width\": \"100\"\n },\n \"IDs\": [116, 943, 234, 38793]\n }\n }";
char text5[]="[\n {\n \"precision\": \"zip\",\n \"Latitude\": 37.7668,\n \"Longitude\": -122.3959,\n \"Address\": \"\",\n \"City\": \"SAN FRANCISCO\",\n \"State\": \"CA\",\n \"Zip\": \"94107\",\n \"Country\": \"US\"\n },\n {\n \"precision\": \"zip\",\n \"Latitude\": 37.371991,\n \"Longitude\": -122.026020,\n \"Address\": \"\",\n \"City\": \"SUNNYVALE\",\n \"State\": \"CA\",\n \"Zip\": \"94085\",\n \"Country\": \"US\"\n }\n ]";
+ char text6[] = "<!DOCTYPE html>"
+ "<html>\n"
+ "<head>\n"
+ " <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n"
+ " <style type=\"text/css\">\n"
+ " html, body, iframe { margin: 0; padding: 0; height: 100%; }\n"
+ " iframe { display: block; width: 100%; border: none; }\n"
+ " </style>\n"
+ "<title>Application Error</title>\n"
+ "</head>\n"
+ "<body>\n"
+ " <iframe src="//s3.amazonaws.com/heroku_pages/error.html">\n"
+ " <p>Application Error</p>\n"
+ " </iframe>\n"
+ "</body>\n"
+ "</html>\n";
+
/* Process each json textblock by parsing, then rebuilding: */
doit(text1);
doit(text2);
doit(text3);
doit(text4);
doit(text5);
+ doit(text6);
/* Parse standard testfiles: */
/* dofile("../../tests/test1"); */
/* dofile("../../tests/test2"); */
/* dofile("../../tests/test3"); */
/* dofile("../../tests/test4"); */
/* dofile("../../tests/test5"); */
+/* dofile("../../tests/test6"); */
/* Now some samplecode for building objects concisely: */
create_objects();
View
@@ -0,0 +1,16 @@
+<!DOCTYPE html>
+ <html>
+ <head>
+ <meta name="viewport" content="width=device-width, initial-scale=1">
+ <style type="text/css">
+ html, body, iframe { margin: 0; padding: 0; height: 100%; }
+ iframe { display: block; width: 100%; border: none; }
+ </style>
+ <title>Application Error</title>
+ </head>
+ <body>
+ <iframe src="//s3.amazonaws.com/heroku_pages/error.html">
+ <p>Application Error</p>
+ </iframe>
+ </body>
+ </html>

3 comments on commit 52d7d14

@Safinssssss

what the hell

@ChristianSch
Contributor

Care to elaborate?

@DaveGamble
Owner

Looks like a spammer. Locking the thread. NB: Thanks for this patch- it's a good one :)

Please sign in to comment.