]> granicus.if.org Git - json-c/commitdiff
projects / json-c / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: af87944)
Clamp double to int32 when narrowing in json_object_get_int.
authorKurt Schwehr <schwehr@google.com>
Tue, 8 Aug 2017 14:54:38 +0000 (07:54 -0700)
committerKurt Schwehr <schwehr@google.com>
Tue, 8 Aug 2017 14:54:38 +0000 (07:54 -0700)
Avoids undefined behavior.  Found by autofuzz.

json_object.c patch | blob | history

diff --git a/json_object.c b/json_object.c
index 8c80426fa9e7f78c50f6397f5c1dbb26ef441638..7148731bce56c7de8b05604b8df5ae71b75b757b 100644 (file)
--- a/json_object.c
+++ b/json_object.c
@@ -635,6 +635,10 @@ int32_t json_object_get_int(const struct json_object *jso)
                return INT32_MAX;
        return (int32_t) cint64;
   case json_type_double:
+    if (jso->o.c_double <= INT32_MIN)
+      return INT32_MIN;
+    if (jso->o.c_double >= INT32_MAX)
+      return INT32_MAX;
     return (int32_t)jso->o.c_double;
   case json_type_boolean:
     return jso->o.c_boolean;
Unnamed repository; edit this file 'description' to name the repository.