MFH: Handle overflow when decoding large numbers and avoid 2 conversions
authorMatt Wilmas <mattwil@php.net>
Thu, 19 Mar 2009 19:27:14 +0000 (19:27 +0000)
committerMatt Wilmas <mattwil@php.net>
Thu, 19 Mar 2009 19:27:14 +0000 (19:27 +0000)
ext/json/JSON_parser.c

index 6eca7ad7c12eb1103f46ef73aeedaa8d907599fd..607c490f4ae45ceddef584148035169754e0d385 100644 (file)
@@ -284,15 +284,27 @@ static void json_create_zval(zval **z, smart_str *buf, int type)
 
     if (type == IS_LONG)
     {
-               long l = strtol(buf->c, NULL, 10);
-               if (l > LONG_MAX || l < LONG_MIN) {
-                       ZVAL_DOUBLE(*z, zend_strtod(buf->c, NULL));
-               } else {
-                       ZVAL_LONG(*z, l);
+               if (buf->c[0] == '-') {
+                       buf->len--;
                }
+
+               if (buf->len >= MAX_LENGTH_OF_LONG - 1) {
+                       if (buf->len == MAX_LENGTH_OF_LONG - 1) {
+                               int cmp = strcmp(buf->c + (buf->c[0] == '-'), long_min_digits);
+
+                               if (!(cmp < 0 || (cmp == 0 && buf->c[0] == '-'))) {
+                                       goto use_double;
+                               }
+                       } else {
+                               goto use_double;
+                       }
+               }
+
+               ZVAL_LONG(*z, strtol(buf->c, NULL, 10));
     }
     else if (type == IS_DOUBLE)
     {
+use_double:
         ZVAL_DOUBLE(*z, zend_strtod(buf->c, NULL));
     }
     else if (type == IS_STRING)
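Review bot: The `buf->len--` in the IS_LONG branch edits the caller's smart_str just to count digits, and the length is never restored, so after decoding a negative number `buf->len` is one short of the text actually held in `buf->c`; whether that matters depends on how callers reuse the buffer, which is outside this hunk. Since this path parses untrusted JSON, I would keep the buffer read-only here and count into a local, `size_t digits = buf->len - (buf->c[0] == '-');`, then compare `digits` against `MAX_LENGTH_OF_LONG - 1`. The `strcmp` range check is only a numeric comparison if `buf->c` is NUL-terminated and holds nothing but digits after the optional sign, so that precondition deserves a one-line comment. `use_double:` jumps into the body of the `else if (type == IS_DOUBLE)` arm, which is legal but easy to break in a later edit; a comment such as `/* integer out of long range: decode as double */` above the label would help. json_create_zval begins and ends outside the hunk.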