From b7d226eac349e9963b40187afec98fde0c65ecf3 Mon Sep 17 00:00:00 2001
From: robert <ubuntu@ubuntu-2204.linuxvmimages.local>
Date: Fri, 17 Jan 2025 04:09:18 -0500
Subject: [PATCH] Additional parameter validation checks

---
 frozen.c    |  2 ++
 unit_test.c | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/frozen.c b/frozen.c
index 15bbbbd..cc06d07 100644
--- a/frozen.c
+++ b/frozen.c
@@ -1409,12 +1409,14 @@ struct next_data {
 
 static void next_set_key(struct next_data *d, const char *name, int name_len,
                          int is_array) {
+  if (name == NULL || name_len < 0) return;
   if (is_array) {
     /* Array. Set index and reset key  */
     if (d->key != NULL) {
       d->key->len = 0;
       d->key->ptr = NULL;
     }
+
     if (d->idx != NULL) *d->idx = atoi(name);
   } else {
     /* Object. Set key and make index -1 */
diff --git a/unit_test.c b/unit_test.c
index 4cbd898..17dd85c 100644
--- a/unit_test.c
+++ b/unit_test.c
@@ -1092,6 +1092,40 @@ static const char *test_json_depth(void) {
   return NULL;
 }
 
+static const char *test_json_next_elem(void) {
+  struct json_token val;
+  void *h = NULL;
+  int i = 0, idx;
+  char s[] = {
+  0x7B, 0x22, 0x63, 0x69, 0x61, 0x6F, 0x22, 0x3A, 0x20, 0x22, // "{\"ciao\": \""
+  0x22, 0x22, 0x63, 0x69, 0x61, 0x6f, 0x5b, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30,
+0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5c,
+0x22, 0x22, 0x3a, 0x7b, 0x63,
+  0x22, 0x20, 0x7D // "\" }"
+  };
+  int len = sizeof(s);
+  while ((h = json_next_elem(s, len, h, ".ciao", &idx, &val)) != NULL) {
+    i++;
+  }
+  ASSERT(i == 1);
+  return NULL;
+}
+
 static const char *run_all_tests(void) {
   RUN_TEST(test_json_printf_hex);
   RUN_TEST(test_json_printf_base64);
@@ -1109,6 +1143,7 @@ static const char *run_all_tests(void) {
   RUN_TEST(test_fprintf);
   RUN_TEST(test_json_setf);
   RUN_TEST(test_json_depth);
+  RUN_TEST(test_json_next_elem);
   return NULL;
 }