When parsing a number at the top level, validate name

If a string starting with an integer (but not solely an integer) is passed as an argument to be decoded by the JSON parser, the parser will crash because NULL is eventually handed to strcmp(3). Integers aren't valid at the top level anyway.
bugsnag · Dec 16, 2017 · 9b08b9c · 9b08b9c
1 parent 556ae89
commit 9b08b9c
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/Source/KSCrash/Source/KSCrash/Recording/Tools/BSG_KSJSONCodec.c b/Source/KSCrash/Source/KSCrash/Recording/Tools/BSG_KSJSONCodec.c
@@ -974,6 +974,9 @@ int bsg_ksjsoncodec_i_decodeElement(const char **ptr, const char *const end,
         }
 
         if (!isFPChar(**ptr) && accum >= 0) {
+            if (name == NULL) {
+                return BSG_KSJSON_ERROR_INCOMPLETE;
+            }
             accum *= sign;
             return callbacks->onIntegerElement(name, accum, userData);
         }