SimpleJSON read out of bounds - information leak
dzonerzy opened this issue · 3 comments
While I was testing SimpleJSON security, I found a crash during string parsing inside the parse_string function; a screenshot is below.
This seems to be an information leak bug, since the parser will try to parse a string until it finds a matching " character in order to close the string inside the object, so providing something similar will result in a read out of bounds!
Steps to reproduce:
Let me know if you need more information!
Regards,
Daniele Linguaglossa
Ohhhh cool :D I saw you had a JSON fuzzer on your GitHub; is that how you found this?
Thanks for the heads up, I'll look into this, but I'm not sure how long it'll be. I'm in the middle of changing jobs and moving so I'm kinda swamped.
Yeah, taking a quick look at this, I'm going to probably need to rewrite the parser :/
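The unbounded scan described in the issue, next to a length-checked version, as an added example that is not SimpleJSON's code and not part of the thread. The function names, the C rendering and the sample inputs are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Pattern described in the report (constructed, not SimpleJSON's code):
 * scan forward until a closing quote with no limit on how far to read.
 * Never called here; on unterminated input it reads past the buffer. */
size_t scan_string_unbounded(const char *buf, size_t start)
{
    size_t i = start + 1;                 /* skip the opening quote */
    while (buf[i] != '"')                 /* no length check */
        i++;
    return i;
}

/* Hardened form: every read is checked against len.
 * Returns 0 and stores the index of the closing quote in *end,
 * or -1 if the input is not a terminated string literal. */
int scan_string_bounded(const char *buf, size_t len, size_t start, size_t *end)
{
    if (start >= len || buf[start] != '"')
        return -1;
    for (size_t i = start + 1; i < len; i++) {
        if (buf[i] == '\\') {
            if (i + 1 >= len)
                return -1;                /* escape cut off at end of input */
            i++;                          /* skip the escaped character */
        } else if (buf[i] == '"') {
            *end = i;
            return 0;
        }
    }
    return -1;                            /* input ended before a closing quote */
}

int main(void)
{
    /* Constructed samples; sizes exclude the trailing NUL on purpose. */
    const char good[] = "{\"key\": \"value\"}";
    const char bad[]  = "{\"key\": \"unterminated";
    size_t end = 0;

    int r1 = scan_string_bounded(good, sizeof good - 1, 8, &end);
    printf("terminated:   rc=%d end=%zu\n", r1, end);
    int r2 = scan_string_bounded(bad, sizeof bad - 1, 8, &end);
    printf("unterminated: rc=%d\n", r2);
    return 0;
}
```
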