From ab7f5e5401d45462f517f204e5ce52d80d7dbcd6 Mon Sep 17 00:00:00 2001 From: Disconnect3d Date: Mon, 3 May 2021 18:47:03 +0200 Subject: [PATCH] Fix memleak when parsing keys with embedded null bytes (#157) * Fix memleak when parsing key with embedded null byte This commit fixes and adds a test for a memory leak that occurs when parsing strings with keys that have a null byte embedded in them. This memory leak can be triggered with the following line, where this call returns a `NULL`: ```c json_parse_string("{\"\\u0000\"") ``` This memory leak happens in the `parse_object_value` function in here: ``` new_key = get_quoted_string(string, &key_len); <---- ALLOCATION /* We do not support key names with embedded \0 chars */ if (new_key == NULL || key_len != strlen(new_key)) { json_value_free(output_value); return NULL; <---- `new_key` NOT FREED } SKIP_WHITESPACES(string); if (**string != ':') { parson_free(new_key); json_value_free(output_value); return NULL; } ``` * Increments version to 1.1.2 Co-authored-by: Krzysztof Gabis --- CMakeLists.txt | 2 +- package.json | 2 +- parson.c | 5 ++++- parson.h | 2 +- tests.c | 2 ++ 5 files changed, 9 insertions(+), 4 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index d2c4cfd..5a2a3c0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -3,7 +3,7 @@ project(parson C) include (GNUInstallDirs) -set(PARSON_VERSION 1.1.1) +set(PARSON_VERSION 1.1.2) add_library(parson parson.c) target_include_directories(parson PUBLIC $) diff --git a/package.json b/package.json index 3c65ea2..07c2efb 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "parson", - "version": "1.1.1", + "version": "1.1.2", "repo": "kgabis/parson", "description": "Small json parser and reader", "keywords": [ "json", "parser" ], diff --git a/parson.c b/parson.c index d2b5141..535b9de 100644 --- a/parson.c +++ b/parson.c 
@@ -1,7 +1,7 @@ /* SPDX-License-Identifier: MIT - Parson 1.1.1 ( http://kgabis.github.com/parson/ ) + Parson 1.1.2 ( http://kgabis.github.com/parson/ ) Copyright (c) 2012 - 2021 Krzysztof Gabis Permission is hereby granted, free of charge, to any person obtaining a copy @@ -742,6 +742,9 @@ static JSON_Value * parse_object_value(const char **string, size_t nesting) { new_key = get_quoted_string(string, &key_len); /* We do not support key names with embedded \0 chars */ if (new_key == NULL || key_len != strlen(new_key)) { + if (new_key) { + parson_free(new_key); + } json_value_free(output_value); return NULL; } diff --git a/parson.h b/parson.h index 12cdda3..4d3acd0 100644 --- a/parson.h +++ b/parson.h @@ -1,7 +1,7 @@ /* SPDX-License-Identifier: MIT - Parson 1.1.1 ( http://kgabis.github.com/parson/ ) + Parson 1.1.2 ( http://kgabis.github.com/parson/ ) Copyright (c) 2012 - 2021 Krzysztof Gabis Permission is hereby granted, free of charge, to any person obtaining a copy diff --git a/tests.c b/tests.c index e828771..e558f43 100644 --- a/tests.c +++ b/tests.c @@ -588,6 +588,8 @@ void test_memory_leaks() { TEST(json_object_set_boolean(NULL, "lorem", 0) == JSONFailure); TEST(json_object_set_null(NULL, "lorem") == JSONFailure); + TEST(json_parse_string("{\"\\u0000\"") == NULL); + TEST(malloc_count == 0); }
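Review bot: The early return under `if (new_key == NULL || key_len != strlen(new_key))` in parson.c is now a second hand-written copy of the `parson_free(new_key); json_value_free(output_value); return NULL;` sequence that the `**string != ':'` branch (quoted in the commit message) already carries, and the leak fixed here came from one such copy missing a step. I would record the ownership rule next to the allocation, for example `/* new_key is heap-allocated by get_quoted_string(); every early return below must parson_free() it */`, so that exits added later are checked against it. The existing comment could also say why embedded NUL bytes are refused, presumably because keys are handled as NUL-terminated strings and a longer key would otherwise be silently truncated; that should be confirmed against the key lookup code. parse_object_value starts before and continues after the hunk.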
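Review bot: The input added to test_memory_leaks in tests.c, `"{\"\\u0000\""`, is also an incomplete object (no `:`, value or closing brace), so a NULL result alone does not show that the embedded-NUL check is what rejected it. A syntactically complete input with the NUL in the middle of the key would pin the rejection and the free on that path, for example `TEST(json_parse_string("{\"a\\u0000b\":1}") == NULL);` placed before `TEST(malloc_count == 0);`; this should return NULL by the same `key_len != strlen(new_key)` comparison. test_memory_leaks starts outside the hunk.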