lloyd / yajl

A fast streaming JSON parsing library in C.
http://lloyd.github.com/yajl
ISC License

Invalid "state" of buffer when decoding string #230

Open marcstern opened 3 years ago

marcstern commented 3 years ago

In yajl_parser.c, on line 253, we pass yajl_buf_data(hand->decodeBuf) to the callback instead of the usual buffer "buf". As this points to another memory location, the callback receives 2 buffers that are located in another space. Concrete problem: in ModSecurity, we use the callback to get the decoded value of the string and we calculate the offset of a variable value in order to mask it in the log. In the callback, when the JSON is decoded, we receive another location than the original one and we cannot calculate the offset.

We should perform this trivial change: if (yajl_string_decode(hand->decodeBuf, buf, bufLen) < 0) return yajl_status_error;

Note that on line 393, bufLen & buf are correctly updated after yajl_string_decode()

marcstern commented 3 years ago

Additional note: this modifies the input string jsonText and should be documented
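
The failure mode reported in this issue, as an added example that is not part of the thread and is not yajl or ModSecurity code: a log-masking helper that only computes an offset when the pointer handed to the string callback really lies inside the original JSON text. The names `value_offset` and `mask_value` and the sample buffers are hypothetical; `DECODED` stands in for the parser's separate decode buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Store the offset of val inside input and return 1, or return 0 when
 * [val, val+val_len) is not inside [input, input+input_len). Addresses are
 * compared as integers: subtracting or ordering pointers into different
 * objects is undefined behaviour in C. */
static int value_offset(const unsigned char *input, size_t input_len,
                        const unsigned char *val, size_t val_len, size_t *off)
{
    uintptr_t base = (uintptr_t)input, p = (uintptr_t)val;
    if (p < base || p - base > input_len || val_len > input_len - (p - base))
        return 0;
    *off = (size_t)(p - base);
    return 1;
}

/* Hypothetical masking helper: copy the body into log_copy (input_len + 1
 * bytes) and overwrite the value with '*'. Returns 0, leaving the copy
 * unmasked, when the value cannot be mapped back to the body; the caller
 * must then withhold or fully redact that log entry. */
static int mask_value(const unsigned char *input, size_t input_len,
                      const unsigned char *val, size_t val_len, char *log_copy)
{
    size_t off;
    memcpy(log_copy, input, input_len);
    log_copy[input_len] = '\0';
    if (!value_offset(input, input_len, val, val_len, &off))
        return 0;
    memset(log_copy + off, '*', val_len);
    return 1;
}

/* Constructed samples. BODY_PLAIN: the value pointer lies inside the body.
 * BODY_ESC: the value has an escape, so the decoded bytes sit elsewhere. */
static const unsigned char BODY_PLAIN[] = "{\"pw\":\"secret\"}";
static const unsigned char BODY_ESC[] = "{\"pw\":\"se\\ncret\"}";
static const unsigned char DECODED[] = "se\ncret";

int main(void)
{
    char out[64];
    int a = mask_value(BODY_PLAIN, sizeof BODY_PLAIN - 1, BODY_PLAIN + 7, 6, out);
    printf("%d %s\n", a, out);
    printf("%d\n", mask_value(BODY_ESC, sizeof BODY_ESC - 1, DECODED, 7, out));
    return 0;
}
```
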