Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
* [AVRO-3945] Add missing bounds checks for extra increments in the loop This issue was found by cppcheck: impl/json/JsonIO.cc:319:66: warning: Missing bounds check for extra iterator increment in loop. [StlMissingComparison] for (string::const_iterator it = s.begin(); it != s.end(); ++it) { ^ impl/json/JsonIO.cc:350:37: note: Missing bounds check for extra iterator increment in loop. char c = *++it; ^ impl/json/JsonIO.cc:319:66: note: Missing bounds check for extra iterator increment in loop. for (string::const_iterator it = s.begin(); it != s.end(); ++it) { The original implementation contained a for-loop that incremented an iterator on each iteration **and** if a backslash was found. This caused a situtation when a malicious string could cause an invalid memory access, because the iterator would reach **after** the `s.cend()` due to additional increments in the loop body. This commit fixes the issue. * build.sh: sort unittests and add forgotten tests
- Loading branch information