From 3c2205cd97838d3c4143107992967e23f0c958b8 Mon Sep 17 00:00:00 2001
From: vslashg <veloso@verylowsodium.com>
Date: Mon, 9 Sep 2024 20:32:17 -0400
Subject: [PATCH] Fix out-of-bounds read. (#1503)

getLocationLIneAndColumn would read past the end of the provided buffer if generating an error message at the end of the stream, if the final character was `\r`.

Co-authored-by: Jordan Bayles <bayles.jordan@gmail.com>
---
 src/lib_json/json_reader.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
index b12c6b8..86ed030 100644
--- a/src/lib_json/json_reader.cpp
+++ b/src/lib_json/json_reader.cpp
@@ -761,7 +761,7 @@ void Reader::getLocationLineAndColumn(Location location, int& line,
   while (current < location && current != end_) {
     Char c = *current++;
     if (c == '\r') {
-      if (*current == '\n')
+      if (current != end_ && *current == '\n')
         ++current;
       lastLineStart = current;
       ++line;
@@ -1801,7 +1801,7 @@ void OurReader::getLocationLineAndColumn(Location location, int& line,
   while (current < location && current != end_) {
     Char c = *current++;
     if (c == '\r') {
-      if (*current == '\n')
+      if (current != end_ && *current == '\n')
         ++current;
       lastLineStart = current;
       ++line;