Gitiles
Code Review Sign In
review.blissroms.org / platform_external_json-c / c51b88d69a3bb70f7bfed3f78a9283726cc827dd
commitc51b88d69a3bb70f7bfed3f78a9283726cc827dd[log] [tgz]
authorKeith Derrick <keith.derrick@lge.com>Tue Oct 01 09:18:51 2013 -0700
committerKeith Derrick <keith.derrick@lge.com>Tue Oct 01 10:17:00 2013 -0700
tree963e005b1914e80dbe2391e6ff03e3f00b5b15d4
parent06450206c4f3de4af8d81bb6d93e9db1d5fedec1 [diff]
Avoid potential overflow in json_object_get_double

sscanf is always a potential problem when converting numeric
values as it does not correctly handle over- and underflow
(or at least gives no indication that it has done so).

This change converts json_object_get_double() to use strtod()
according to CERT guidelines.
1 file changed
tree: 963e005b1914e80dbe2391e6ff03e3f00b5b15d4
  1. tests/
  2. .gitignore
  3. Android.configure.mk
  4. arraylist.c
  5. arraylist.h
  6. AUTHORS
  7. autogen.sh
  8. bits.h
  9. ChangeLog
  10. config.h.in
  11. config.h.win32
  12. configure.in
  13. COPYING
  14. debug.c
  15. debug.h
  16. Doxyfile
  17. json-c-uninstalled.pc.in
  18. json-c.pc.in
  19. json-c.vcproj
  20. json.h
  21. json.pc.in
  22. json_c_version.c
  23. json_c_version.h
  24. json_config.h.in
  25. json_inttypes.h
  26. json_object.c
  27. json_object.h
  28. json_object_iterator.c
  29. json_object_iterator.h
  30. json_object_private.h
  31. json_tokener.c
  32. json_tokener.h
  33. json_util.c
  34. json_util.h
  35. libjson.c
  36. linkhash.c
  37. linkhash.h
  38. Makefile.am
  39. Makefile.am.inc
  40. NEWS
  41. printbuf.c
  42. printbuf.h
  43. README
  44. README-WIN32.html
  45. README.html
  46. RELEASE_CHECKLIST.txt