From 72e6e2352340b960a172337a96c10bad80b29b1b Mon Sep 17 00:00:00 2001
From: Mike Jerris <mike@jerris.com>
Date: Thu, 23 Feb 2017 08:59:25 -0600
Subject: [PATCH] prevent read beyond end of buffer when string ends with
 malformed utf

---
 cJSON.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cJSON.c b/cJSON.c
index c3d1a4e1..fdf00f13 100644
--- a/cJSON.c
+++ b/cJSON.c
@@ -422,8 +422,6 @@ static unsigned char utf16_literal_to_utf8(const unsigned char * const input_poi
     unsigned char utf8_length = 0;
     unsigned char sequence_length = 0;
 
-    /* get the first utf16 sequence */
-    first_code = parse_hex4(first_sequence + 2);
     if ((input_end - first_sequence) < 6)
     {
         /* input ends unexpectedly */
@@ -431,6 +429,9 @@ static unsigned char utf16_literal_to_utf8(const unsigned char * const input_poi
         goto fail;
     }
 
+    /* get the first utf16 sequence */
+    first_code = parse_hex4(first_sequence + 2);
+
     /* check that the code is valid */
     if (((first_code >= 0xDC00) && (first_code <= 0xDFFF)) || (first_code == 0))
     {