Skip to content

Commit

Permalink
Add test for heap buffer overflow
Browse files Browse the repository at this point in the history
  • Loading branch information
sbvoxel committed Apr 30, 2024
1 parent 19396a4 commit dea9eeb
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions tests/parse_examples.c
Original file line number Diff line number Diff line change
Expand Up @@ -250,6 +250,36 @@ static void test14_should_not_be_parsed(void)
}
}

/* Address Sanitizer */
static void test15_should_not_heap_buffer_overflow(void) {
char const* strings[] = {
"{\"1\":1,",
"{\"1\":1, ",
};

size_t i;

for (i = 0; i < sizeof(strings) / sizeof(strings[0]); i+=1) {
char const* json_string = strings[i];
size_t len = strlen(json_string);
cJSON *json = NULL;

char *exact_size_heap = malloc(len);
if (exact_size_heap == NULL) {
continue;
}

memcpy(exact_size_heap, json_string, len);
json = cJSON_ParseWithLength(exact_size_heap, len);

if (json) {
cJSON_Delete(json);
}

free(exact_size_heap);
}
}

int CJSON_CDECL main(void)
{
UNITY_BEGIN();
Expand All @@ -267,5 +297,6 @@ int CJSON_CDECL main(void)
RUN_TEST(test12_should_not_be_parsed);
RUN_TEST(test13_should_be_parsed_without_null_termination);
RUN_TEST(test14_should_not_be_parsed);
RUN_TEST(test15_should_not_heap_buffer_overflow);
return UNITY_END();
}

0 comments on commit dea9eeb

Please sign in to comment.