Skip to content

Commit

Permalink
fix mis-sizing of string in jbuf implementation
Browse files Browse the repository at this point in the history 
Any time the jbuf string grows, the head of the jbuf must be accounted for.
This patch fixes that oversight. The oversight leads to writing past
the end of the string after it is expanded.
  • Loading branch information
@baallan @tom95858
baallan authored and tom95858 committed Feb 2, 2024
1 parent 552c4ad commit 843e31a
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions lib/src/ovis_json/ovis_json.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,10 +62,10 @@ jbuf_t jbuf_append_va(jbuf_t jb, const char *fmt, va_list _ap)
cnt = vsnprintf(&jb->buf[jb->cursor], space, fmt, ap);
va_end(ap);
if (cnt >= space) {
space = jb->buf_len + cnt + JSON_BUF_START_LEN;
space = jb->buf_len + cnt + JSON_BUF_START_LEN + sizeof(*jb);
jb = realloc(jb, space);
if (jb) {
jb->buf_len = space;
jb->buf_len = space - sizeof(*jb);
goto retry;
} else {
return NULL;
Expand Down

0 comments on commit 843e31a

Please sign in to comment.