fix vulnerability in JSON parsing (#9491)

author: Timotej S <6674623+underhood@users.noreply.github.com> 2020-07-07 12:12:05 +0200
committer: GitHub <noreply@github.com> 2020-07-07 12:12:05 +0200
commit: 10e6b747dae6fa42ccfeeb7b4511e8fec31c61b2 (patch)
tree: 1bbed9a6cc61362e0cd61f38ca0506b85072a660 /libnetdata
parent: 1eece0b7c14a0c8aab5fde8ecbe9b5bbb8f85240 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/libnetdata/json/json.c b/libnetdata/json/json.c
index 94f670edf2..d2407ba405 100644
--- a/libnetdata/json/json.c
+++ b/libnetdata/json/json.c
@@ -137,10 +137,12 @@ int json_callback_print(JSON_ENTRY *e)
  * @param e the output structure
  */
 static inline void json_jsonc_set_string(JSON_ENTRY *e,char *key,const char *value) {
-    size_t length = strlen(key);
+    size_t len = strlen(key);
+    if(len > JSON_NAME_LEN)
+        len = JSON_NAME_LEN;
     e->type = JSON_STRING;
-    memcpy(e->name,key,length);
-    e->name[length] = 0x00;
+    memcpy(e->name,key,len);
+    e->name[len] = 0x00;
     e->data.string = (char *) value;
 }
author	Timotej S <6674623+underhood@users.noreply.github.com>	2020-07-07 12:12:05 +0200
committer	GitHub <noreply@github.com>	2020-07-07 12:12:05 +0200
commit	10e6b747dae6fa42ccfeeb7b4511e8fec31c61b2 (patch)
tree	1bbed9a6cc61362e0cd61f38ca0506b85072a660 /libnetdata
parent	1eece0b7c14a0c8aab5fde8ecbe9b5bbb8f85240 (diff)