From 56d392a7e5ae5f522004ff92396dabd468f8d810 Mon Sep 17 00:00:00 2001
From: aled-ua <bugbuster.cc@gmail.com>
Date: Sun, 22 Dec 2024 06:40:55 +0000
Subject: [PATCH] Fix vuln OSV-2024-384

---
 src/in_json.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/in_json.c b/src/in_json.c
index 3145f86d5..d99df5fce 100644
--- a/src/in_json.c
+++ b/src/in_json.c
@@ -463,6 +463,7 @@ json_fixed_string (Bit_Chain *restrict dat, const int len,
                          l, &dat->chain[t->start]);
               // len = t->end - t->start;
               free (str);
+              str = NULL;
               goto normal;
             }
           str = (char *)realloc (str, dlen);
@@ -475,6 +476,7 @@ json_fixed_string (Bit_Chain *restrict dat, const int len,
     {
       char *p;
     normal:
+      if (!str) return NULL;
       if (l > len)
         {
           memcpy (str, &dat->chain[t->start], len);
@@ -3831,6 +3833,7 @@ json_R2004_Header (Bit_Chain *restrict dat, Dwg_Data *restrict dwg,
             }
           LOG_TRACE ("file_ID_string: \"%.*s\"\n", 12, _obj->file_ID_string)
           free (s);
+          s = NULL;
         }
       else if (strEQc (key, "padding"))
         {