Module: wine Branch: master Commit: 6b22f2bd6003ccc1849900dad0c356cb295d3469 URL: https://source.winehq.org/git/wine.git/?a=commit;h=6b22f2bd6003ccc1849900dad...
Author: Paul Gofman pgofman@codeweavers.com Date: Fri Aug 6 16:56:49 2021 +0200
jscript: Avoid use after free in JSON_parse().
Signed-off-by: Paul Gofman pgofman@codeweavers.com Signed-off-by: Jacek Caban jacek@codeweavers.com Signed-off-by: Alexandre Julliard julliard@winehq.org
---
dlls/jscript/json.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/dlls/jscript/json.c b/dlls/jscript/json.c index a8014f95b4f..f2fbb80dc09 100644 --- a/dlls/jscript/json.c +++ b/dlls/jscript/json.c @@ -291,16 +291,14 @@ static HRESULT JSON_parse(script_ctx_t *ctx, vdisp_t *jsthis, WORD flags, unsign parse_ctx.end = buf + jsstr_length(str); parse_ctx.ctx = ctx; hres = parse_json_value(&parse_ctx, &ret); + if(SUCCEEDED(hres) && skip_spaces(&parse_ctx)) { + FIXME("syntax error\n"); + hres = E_FAIL; + } jsstr_release(str); if(FAILED(hres)) return hres;
- if(skip_spaces(&parse_ctx)) { - FIXME("syntax error\n"); - jsval_release(ret); - return E_FAIL; - } - if(r) *r = ret; else