Release version 1.5.2

cJSON_Utils: free() to cJSON_free()

CHANGELOG.md

@@ -1,3 +1,18 @@
+1.5.2
+=====
+Fixes:
+------
+* Fix a reading buffer overflow in `parse_string` (a167d9e381e5c84bc03de4e261757b031c0c690d)
+* Fix compiling with -Wcomma (186cce3ece6ce6dfcb58ac8b2a63f7846c3493ad)
+* Remove leftover attribute from tests (b537ca70a35680db66f1f5b8b437f7114daa699a)
+
+1.5.1
+=====
+Fixes:
+------
+* Add gcc version guard to the Makefile (#164), thanks @juvasquezg
+* Fix incorrect free in `cJSON_Utils` if custom memory allocator is used (#166), thanks @prefetchnta
+
 1.5.0
 =====
 Features:

CMakeLists.txt

@@ -7,7 +7,7 @@ project(cJSON C)
 
 set(PROJECT_VERSION_MAJOR 1)
 set(PROJECT_VERSION_MINOR 5)
-set(PROJECT_VERSION_PATCH 0)
+set(PROJECT_VERSION_PATCH 2)
 set(CJSON_VERSION_SO 1)
 set(CJSON_UTILS_VERSION_SO 1)
 set(PROJECT_VERSION "${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}")

CONTRIBUTORS.md

@@ -17,6 +17,7 @@ Contributors
 * [IvanVoid](https://github.com/npi3pak)
 * [Jiri Zouhar](https://github.com/loigu)
 * [Jonathan Fether](https://github.com/jfether)
+* [Julián Vásquez](https://github.com/juvasquezg)
 * [Kevin Branigan](https://github.com/kbranigan)
 * [Kyle Chisholm](https://github.com/ChisholmKyle)
 * [Linus Wallgren](https://github.com/ecksun)
@@ -26,6 +27,7 @@ Contributors
 * [Mike Robinson](https://github.com/mhrobinson)
 * Paulo Antonio Alvarez
 * [Pawel Winogrodzki](https://github.com/PawelWMS)
+* [prefetchnta](https://github.com/prefetchnta)
 * [Rafael Leal Dias](https://github.com/rafaeldias)
 * [Rod Vagg](https://github.com/rvagg)
 * [Roland Meertens](https://github.com/rmeertens)

Makefile

@@ -8,7 +8,7 @@ CJSON_TEST_SRC = cJSON.c test.c
 
 LDLIBS = -lm
 
-LIBVERSION = 1.5.0
+LIBVERSION = 1.5.2
 CJSON_SOVERSION = 1
 UTILS_SOVERSION = 1
 
@@ -21,7 +21,17 @@ INSTALL_LIBRARY_PATH = $(DESTDIR)$(PREFIX)/$(LIBRARY_PATH)
 
 INSTALL ?= cp -a
 
-R_CFLAGS = -fPIC -std=c89 -pedantic -Wall -Werror -Wstrict-prototypes -Wwrite-strings -Wshadow -Winit-self -Wcast-align -Wformat=2 -Wmissing-prototypes -Wstrict-overflow=2 -Wcast-qual -Wc++-compat -Wundef -Wswitch-default -Wconversion -fstack-protector-strong $(CFLAGS)
+# validate gcc version for use fstack-protector-strong
+MIN_GCC_VERSION = "4.9"
+GCC_VERSION := "`gcc -dumpversion`"
+IS_GCC_ABOVE_MIN_VERSION := $(shell expr "$(GCC_VERSION)" ">=" "$(MIN_GCC_VERSION)")
+ifeq "$(IS_GCC_ABOVE_MIN_VERSION)" "1"
+    CFLAGS += -fstack-protector-strong
+else
+    CFLAGS += -fstack-protector
+endif
+
+R_CFLAGS = -fPIC -std=c89 -pedantic -Wall -Werror -Wstrict-prototypes -Wwrite-strings -Wshadow -Winit-self -Wcast-align -Wformat=2 -Wmissing-prototypes -Wstrict-overflow=2 -Wcast-qual -Wc++-compat -Wundef -Wswitch-default -Wconversion $(CFLAGS)
 
 uname := $(shell sh -c 'uname -s 2>/dev/null || echo false')
 

cJSON.c

@@ -58,7 +58,7 @@ CJSON_PUBLIC(const char *) cJSON_GetErrorPtr(void)
 }
 
 /* This is a safeguard to prevent copy-pasters from using incompatible C and header files */
-#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 5) || (CJSON_VERSION_PATCH != 0)
+#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 5) || (CJSON_VERSION_PATCH != 2)
     #error cJSON.h and cJSON.c have different versions. Make sure that both have the same.
 #endif
 
@@ -657,7 +657,7 @@ static cJSON_bool parse_string(cJSON * const item, parse_buffer * const input_bu
         /* calculate approximate size of the output (overestimate) */
         size_t allocation_length = 0;
         size_t skipped_bytes = 0;
-        while ((*input_end != '\"') && ((size_t)(input_end - input_buffer->content) < input_buffer->length))
+        while (((size_t)(input_end - input_buffer->content) < input_buffer->length) && (*input_end != '\"'))
         {
             /* is escape sequence */
             if (input_end[0] == '\\')
@@ -672,7 +672,7 @@ static cJSON_bool parse_string(cJSON * const item, parse_buffer * const input_bu
             }
             input_end++;
         }
-        if (*input_end != '\"')
+        if (((size_t)(input_end - input_buffer->content) >= input_buffer->length) || (*input_end != '\"'))
         {
             goto fail; /* string ended unexpectedly */
         }
@@ -2560,16 +2560,18 @@ CJSON_PUBLIC(cJSON_bool) cJSON_Compare(const cJSON * const a, const cJSON * cons
 
         case cJSON_Array:
         {
-            cJSON *a_element = NULL;
-            cJSON *b_element = NULL;
-            for (a_element = a->child, b_element = b->child;
-                    (a_element != NULL) && (b_element != NULL);
-                    a_element = a_element->next, b_element = b_element->next)
+            cJSON *a_element = a->child;
+            cJSON *b_element = b->child;
+
+            for (; (a_element != NULL) && (b_element != NULL);)
             {
                 if (!cJSON_Compare(a_element, b_element, case_sensitive))
                 {
                     return false;
                 }
+
+                a_element = a_element->next;
+                b_element = b_element->next;
             }
 
             return true;

cJSON.h

@@ -31,7 +31,7 @@ extern "C"
 /* project version */
 #define CJSON_VERSION_MAJOR 1
 #define CJSON_VERSION_MINOR 5
-#define CJSON_VERSION_PATCH 0
+#define CJSON_VERSION_PATCH 2
 
 #include <stddef.h>
 

cJSON_Utils.c

@@ -1041,7 +1041,7 @@ static void compose_patch(cJSON * const patches, const unsigned char * const ope
         encode_string_as_pointer(full_path + path_length + 1, suffix);
 
         cJSON_AddItemToObject(patch, "path", cJSON_CreateString((const char*)full_path));
-        free(full_path);
+        cJSON_free(full_path);
     }
 
     if (value != NULL)
@@ -1100,7 +1100,7 @@ static void create_patches(cJSON * const patches, const unsigned char * const pa
                  * if size_t is an alias of unsigned long, or if it is bigger */
                 if (index > ULONG_MAX)
                 {
-                    free(new_path);
+                    cJSON_free(new_path);
                     return;
                 }
                 sprintf((char*)new_path, "%s/%lu", path, (unsigned long)index); /* path of the current array element */
@@ -1115,7 +1115,7 @@ static void create_patches(cJSON * const patches, const unsigned char * const pa
                  * if size_t is an alias of unsigned long, or if it is bigger */
                 if (index > ULONG_MAX)
                 {
-                    free(new_path);
+                    cJSON_free(new_path);
                     return;
                 }
                 sprintf((char*)new_path, "%lu", (unsigned long)index);
@@ -1126,7 +1126,7 @@ static void create_patches(cJSON * const patches, const unsigned char * const pa
             {
                 compose_patch(patches, (const unsigned char*)"add", path, (const unsigned char*)"-", to_child);
             }
-            free(new_path);
+            cJSON_free(new_path);
             return;
         }
 
@@ -1168,7 +1168,7 @@ static void create_patches(cJSON * const patches, const unsigned char * const pa
 
                     /* create a patch for the element */
                     create_patches(patches, new_path, from_child, to_child, case_sensitive);
-                    free(new_path);
+                    cJSON_free(new_path);
 
                     from_child = from_child->next;
                     to_child = to_child->next;

tests/old_utils_tests.c

@@ -30,7 +30,7 @@
 #include "../cJSON_Utils.h"
 
 /* JSON Apply Merge tests: */
-const char *merges[15][3] =
+static const char *merges[15][3] =
 {
     {"{\"a\":\"b\"}", "{\"a\":\"c\"}", "{\"a\":\"c\"}"},
     {"{\"a\":\"b\"}", "{\"b\":\"c\"}", "{\"a\":\"b\",\"b\":\"c\"}"},