Bug 1028486 - json-c: array hardening
json-c: array hardening
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: json-c (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Remi Collet
BaseOS QE - Apps
Depends On:
Blocks: 1028485
  Show dependency treegraph
Reported: 2013-11-08 10:00 EST by Florian Weimer
Modified: 2015-12-17 05:36 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-12-17 05:36:02 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Florian Weimer 2013-11-08 10:00:25 EST
The array_list_get_idx() function should check for negative indexes, too.

array_list_expand_internal() should check for negative max values and integer overflows.

This is purely hardening, there is no known security impact.
Comment 3 Florian Weimer 2015-09-21 05:03:10 EDT
This was reported upstream: https://github.com/json-c/json-c/issues/187

Note You need to log in before you can comment on or make changes to this bug.