Avoid a potential buffer overread when handling corrupt json blobs.

FossilOrigin-Name: 738473dc0ac353731080d0785cc7dc9810b564906c176916bd91d6cfbb1a7b18
author: dan <Dan Kennedy> 2024-01-29 15:30:35 +0000
committer: dan <Dan Kennedy> 2024-01-29 15:30:35 +0000
commit: 7f9a1ff3f2f909773ea7861425046fc0286508f2 (patch)
tree: 76817d9e76b115e085712053995d1c2e576c3c52 /src/json.c
parent: 3fc7a34efc5b840c069a4d55f61f14b3d68df85b (diff)
download: sqlite-7f9a1ff3f2f909773ea7861425046fc0286508f2.tar.gz
sqlite-7f9a1ff3f2f909773ea7861425046fc0286508f2.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/json.c b/src/json.c
index d69d96793..94f5a3ef9 100644
--- a/src/json.c
+++ b/src/json.c
@@ -2073,8 +2073,8 @@ static u32 jsonbPayloadSize(const JsonParse *pParse, u32 i, u32 *pSz){
          (pParse->aBlob[i+7]<<8) + pParse->aBlob[i+8];
     n = 9;
   }
-  if( i+sz+n > pParse->nBlob
-   && i+sz+n > pParse->nBlob-pParse->delta
+  if( (i64)i+sz+n > pParse->nBlob
+   && (i64)i+sz+n > pParse->nBlob-pParse->delta
   ){
     sz = 0;
     n = 0;
author	dan <Dan Kennedy>	2024-01-29 15:30:35 +0000
committer	dan <Dan Kennedy>	2024-01-29 15:30:35 +0000
commit	7f9a1ff3f2f909773ea7861425046fc0286508f2 (patch)
tree	76817d9e76b115e085712053995d1c2e576c3c52 /src/json.c
parent	3fc7a34efc5b840c069a4d55f61f14b3d68df85b (diff)
download	sqlite-7f9a1ff3f2f909773ea7861425046fc0286508f2.tar.gz sqlite-7f9a1ff3f2f909773ea7861425046fc0286508f2.zip