Fixes Oss-Fuzz issue: 21916 (#1180)

kabeer27 · dota17 · commit 3228be44b0b3 · 2020-07-06T16:30:40.000+08:00
* Fix heap-buffer-overflow in json_reader
diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
@@ -1287,7 +1287,7 @@ void OurReader::skipSpaces() {
 void OurReader::skipBom(bool skipBom) {
   // The default behavior is to skip BOM.
   if (skipBom) {
-    if (strncmp(begin_, "\xEF\xBB\xBF", 3) == 0) {
+    if ((end_ - begin_) >= 3 && strncmp(begin_, "\xEF\xBB\xBF", 3) == 0) {
       begin_ += 3;
       current_ = begin_;
     }

Original file line number	Diff line number	Diff line change
`@@ -1287,7 +1287,7 @@ void OurReader::skipSpaces() {`
`1287`	`1287`	`void OurReader::skipBom(bool skipBom) {`
`1288`	`1288`	`// The default behavior is to skip BOM.`
`1289`	`1289`	`if (skipBom) {`
`1290`		`- if (strncmp(begin_, "\xEF\xBB\xBF", 3) == 0) {`
	`1290`	`+ if ((end_ - begin_) >= 3 && strncmp(begin_, "\xEF\xBB\xBF", 3) == 0) {`
`1291`	`1291`	`begin_ += 3;`
`1292`	`1292`	`current_ = begin_;`
`1293`	`1293`	`}`