From fd425b195cff4b2138ed36e0cd30304348eb034a Mon Sep 17 00:00:00 2001 From: Guy Harris Date: Mon, 2 Sep 2019 20:02:59 -0700 Subject: [PATCH] Also don't treat an empty buffer as JSON. That also keeps us from looking at the non-existent first octet of an empty buffer. Bug: 16031 Change-Id: I3fcf4201d21dc44ccd8815cb0637c1eae4995560 Reviewed-on: https://code.wireshark.org/review/34439 Petri-Dish: Guy Harris Tested-by: Petri Dish Buildbot Reviewed-by: Guy Harris --- wsutil/wsjson.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/wsutil/wsjson.c b/wsutil/wsjson.c index 087c510894..47f8220a6c 100644 --- a/wsutil/wsjson.c +++ b/wsutil/wsjson.c @@ -37,12 +37,16 @@ json_validate(const guint8 *buf, const size_t len) return FALSE; /* - * Make sure the first octet isn't a NUL; otherwise, the parser will - * immediately stop parsing and not validate anything after that, - * so it'll just think it was handed an empty string. + * Make sure the buffer isn't empty and the first octet isn't a NUL; + * otherwise, the parser will immediately stop parsing and not validate + * anything after that, so it'll just think it was handed an empty string. * * XXX - should we check for NULs anywhere in the buffer? */ + if (len == 0) { + g_log(LOG_DOMAIN_MAIN, G_LOG_LEVEL_DEBUG, "jsmn: JSON string is empty"); + return FALSE; + } if (buf[0] == '\0') { g_log(LOG_DOMAIN_MAIN, G_LOG_LEVEL_DEBUG, "jsmn: invalid character inside JSON string"); return FALSE;