[json] Fix heap buffer overflow in SerializationBuffer truncation path (#15566)

J. Nick Koston
2026-04-08 09:46:16 -10:00
committed by GitHub
parent fb0033947c
commit 312dea7ddb


@@ -140,8 +140,11 @@ SerializationBuffer<> JsonBuilder::serialize() {
heap_size *= 2;
}
// Payload exceeds 5120 bytes - return truncated result
ESP_LOGW(TAG, "JSON payload too large, truncated to %zu bytes", size);
result.set_size_(size);
// heap_size was doubled after the last iteration, so the actual allocated
// buffer capacity is heap_size/2. Clamp to avoid writing past the buffer.
size_t max_content = heap_size / 2 - 1;
ESP_LOGW(TAG, "JSON payload too large, truncated to %zu bytes", max_content);
result.set_size_(max_content);
return result;
}
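Review bot: The clamp `size_t max_content = heap_size / 2 - 1;` rebuilds the buffer capacity by undoing the loop's `heap_size *= 2`, so its correctness depends on the growth step and loop bound, which sit outside this hunk. If that loop is later changed to grow differently or to exit another way, the value would be wrong again with no compiler or test signal. It would be safer to record the capacity of the last successful allocation inside the loop and clamp against that, for example `result.set_size_(std::min(size, last_capacity - 1));`, where `last_capacity` is a name I made up for illustration. A short comment should also say what the `- 1` reserves; it is presumably the terminator, but the hunk does not show it. The warning no longer reports how large the payload actually was, which is what someone triaging the truncation needs, so consider `ESP_LOGW(TAG, "JSON payload too large (%zu bytes), truncated to %zu bytes", size, max_content);`.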