pgsql: Fix out-of-bounds read in json_lex_string

From: John Naylor <john(dot)naylor(at)postgresql(dot)org>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Fix out-of-bounds read in json_lex_string
Date: 2022-07-12 04:27:43
Message-ID: E1oB7Us-002Nic-BI@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Fix out-of-bounds read in json_lex_string

Commit 3838fa269 added a lookahead loop to allow building strings multiple
bytes at a time. This loop could exit because it reached the end of input,
yet did not check for that before checking if we reached the end of a
valid string. To fix, put the end of string check back in the outer loop.

Per Valgrind animal skink

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/d3117fc1a3e87717a57be0153408e5387e265e1b

Modified Files
--------------
src/common/jsonapi.c | 18 ++++++++++--------
1 file changed, 10 insertions(+), 8 deletions(-)

Responses

Browse pgsql-committers by date

  From Date Subject
Next Message John Naylor 2022-07-12 05:44:41 Re: pgsql: Fix out-of-bounds read in json_lex_string
Previous Message John Naylor 2022-07-12 00:43:19 Re: pgsql: Build de-escaped JSON strings in larger chunks during lexing