Skip to content

Commit

Permalink
Add test for heap buffer overflow
Browse files Browse the repository at this point in the history
From #800
  • Loading branch information
sbvoxel committed Apr 30, 2024
1 parent 19396a4 commit 56cdcee
Showing 1 changed file with 34 additions and 0 deletions.
34 changes: 34 additions & 0 deletions tests/parse_examples.c
Original file line number Diff line number Diff line change
Expand Up @@ -250,6 +250,39 @@ static void test14_should_not_be_parsed(void)
}
}

/* Address Sanitizer */
static void test15_should_not_heap_buffer_overflow(void) {
const char *strings[] = {
"{\"1\":1,",
"{\"1\":1, ",
};

size_t i;

for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i+=1)
{
const char *json_string = strings[i];
size_t len = strlen(json_string);
cJSON *json = NULL;

char *exact_size_heap = malloc(len);
if (exact_size_heap == NULL)
{
continue;
}

memcpy(exact_size_heap, json_string, len);
json = cJSON_ParseWithLength(exact_size_heap, len);

if (json)
{
cJSON_Delete(json);
}

free(exact_size_heap);
}
}

int CJSON_CDECL main(void)
{
UNITY_BEGIN();
Expand All @@ -267,5 +300,6 @@ int CJSON_CDECL main(void)
RUN_TEST(test12_should_not_be_parsed);
RUN_TEST(test13_should_be_parsed_without_null_termination);
RUN_TEST(test14_should_not_be_parsed);
RUN_TEST(test15_should_not_heap_buffer_overflow);
return UNITY_END();
}

0 comments on commit 56cdcee

Please sign in to comment.