aboutsummaryrefslogtreecommitdiff
path: root/src/json.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/json.c')
-rw-r--r--src/json.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/src/json.c b/src/json.c
index c7412d3c7..d69d96793 100644
--- a/src/json.c
+++ b/src/json.c
@@ -2124,6 +2124,7 @@ static u32 jsonTranslateBlobToText(
}
case JSONB_INT:
case JSONB_FLOAT: {
+ if( sz==0 ) goto malformed_jsonb;
jsonAppendRaw(pOut, (const char*)&pParse->aBlob[i+n], sz);
break;
}
@@ -2132,6 +2133,7 @@ static u32 jsonTranslateBlobToText(
sqlite3_uint64 u = 0;
const char *zIn = (const char*)&pParse->aBlob[i+n];
int bOverflow = 0;
+ if( sz==0 ) goto malformed_jsonb;
if( zIn[0]=='-' ){
jsonAppendChar(pOut, '-');
k++;
@@ -2154,6 +2156,7 @@ static u32 jsonTranslateBlobToText(
case JSONB_FLOAT5: { /* Float literal missing digits beside "." */
u32 k = 0;
const char *zIn = (const char*)&pParse->aBlob[i+n];
+ if( sz==0 ) goto malformed_jsonb;
if( zIn[0]=='-' ){
jsonAppendChar(pOut, '-');
k++;
@@ -2291,6 +2294,7 @@ static u32 jsonTranslateBlobToText(
}
default: {
+ malformed_jsonb:
pOut->eErr |= JSTRING_MALFORMED;
break;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-18 05:45:58 +0000