model_support.c _parse_string does not allow for unicode escaped string processing

openziti / ziti-sdk-c

A C-based sdk for delivering secure applications over a Ziti Network

https://docs.openziti.io/docs/reference/developer/sdk/ziti-sdk-c

Apache License 2.0

71 stars 14 forks source link

model_support.c _parse_string does not allow for unicode escaped string processing #243

Closed dovholuknf closed 3 years ago

dovholuknf commented 3 years ago

i had an http response come back with

issuer=ziti.dev\u0026secret=NHV434VTKE

inside it. this cased a segfault. the log clearly states what happened


[2021-03-02T21:17:18.737Z] ERROR        SDKe: _deps/ziti-sdk-c-src/library/model_support.c:620 _parse_string()  unhandled escape seq '\u'
[2021-03-02T21:17:18.738Z] TRACE        cleaning identity: theId
Thread 15 received signal SIGSEGV, Segmentation fault.```

ekoby commented 3 years ago

fixed in #244