patch 8.0.0216: decoding js style json may fail

Problem:    When decoding JSON with a JS style object the JSON test may use a
            NULL pointer. (Coverity)
Solution:   Check for a NULL pointer.

diff --git a/src/json.c b/src/json.c
index a9333cf0768df5ec698683b6b1579dfab17d4f51..fd1b6ec3db826da531e9254633b96c1b0fd75c97 100644 (file)
--- a/src/json.c
+++ b/src/json.c
@@ -629,10 +629,13 @@ json_decode_item(js_read_T *reader, typval_T *res, int options)
            key = p = reader->js_buf + reader->js_used;
            while (*p != NUL && *p != ':' && *p > ' ')
                ++p;
-           cur_item->v_type = VAR_STRING;
-           cur_item->vval.v_string = vim_strnsave(key, (int)(p - key));
+           if (cur_item != NULL)
+           {
+               cur_item->v_type = VAR_STRING;
+               cur_item->vval.v_string = vim_strnsave(key, (int)(p - key));
+               top_item->jd_key = cur_item->vval.v_string;
+           }
            reader->js_used += (int)(p - key);
-           top_item->jd_key = cur_item->vval.v_string;
        }
        else
        {
@@ -1053,7 +1056,8 @@ json_decode(js_read_T *reader, typval_T *res, int options)
 
 /*
  * Decode the JSON from "reader" to find the end of the message.
- * "options" can be JSON_JS or zero;
+ * "options" can be JSON_JS or zero.
+ * This is only used for testing.
  * Return FAIL if the message has a decoding error.
  * Return MAYBE if the message is truncated, need to read more.
  * This only works reliable if the message contains an object, array or

diff --git a/src/json_test.c b/src/json_test.c
index 74463f3d2bbaae8ec9e243429b5896c2e29e09e4..c7779b29afbb811df3d0b13c58100c1c085fd56a 100644 (file)
--- a/src/json_test.c
+++ b/src/json_test.c
@@ -107,6 +107,12 @@ test_decode_find_end(void)
     reader.js_buf = (char_u *)"  {   ";
     assert(json_find_end(&reader, 0) == MAYBE);
 
+    /* JS object with white space */
+    reader.js_buf = (char_u *)"  {  a  :  123  }  ";
+    assert(json_find_end(&reader, JSON_JS) == OK);
+    reader.js_buf = (char_u *)"  {  a  :   ";
+    assert(json_find_end(&reader, JSON_JS) == MAYBE);
+
     /* array without white space */
     reader.js_buf = (char_u *)"[\"a\",123]";
     assert(json_find_end(&reader, 0) == OK);

diff --git a/src/version.c b/src/version.c
index 0e13125c790e3ebf4fe04e714b4cb2555340f8c3..a46b13ff39cc6229c0e600f97a6e3ae72db46ffe 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -764,6 +764,8 @@ static char *(features[]) =
 
 static int included_patches[] =
 {   /* Add new patch number below this line */
+/**/
+    216,
 /**/
     215,
 /**/