Closed
I just noticed that the function cJSON_DetachItemViaPointer does not perform a proper null-check for item->prev for the second argument. Library commit 3249730.
Let's take this simple example:
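```c
#include <cjson/cJSON.h>
#include <stdlib.h>
#include <stdint.h>

int main(int argc, char** argv) {
    cJSON *a, *b;
    /* Two independent string items: neither has children, and a is never attached to b. */
    a = cJSON_ParseWithOpts("\"foo\"", NULL, 0);
    b = cJSON_ParseWithOpts("\"bar\"", NULL, 0);
    /* b is passed as the parent, a as the item to detach. */
    cJSON_DetachItemViaPointer(b, a);
    return 0;
}
```

The `item` argument is like: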
```
p *item
$1 = {
  next = 0x0,
  prev = 0x0,
  child = 0x0,
  type = 0x10,
  valuestring = 0x602000000010 "ciao",
  valueint = 0x0,
  valuedouble = 0,
  string = 0x0
}
```

but there is no check for `item->prev`:
```c
if (item != parent->child) {
    /* not the first element */
    item->prev->next = item->next; // At line 2215, cJSON.c
}
```

I can write a PR, but I do not know what the intended behavior of the library is. Where is the best place to put the NULL check?
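One place such a check can go, shown as an added example that is not part of the original issue and not cJSON's own code. It assumes a simplified, plain doubly linked child list; the `node` struct, `detach_checked` and the two demo functions are hypothetical names.

```c
#include <stddef.h>

/* Hypothetical minimal node with only sibling/child links; not cJSON's struct. */
typedef struct node { struct node *next, *prev, *child; } node;

/* Detach item from parent's child list. Returns item, or NULL when the links
 * show that item is not a member of that list. */
node *detach_checked(node *parent, node *item)
{
    if (parent == NULL || item == NULL) {
        return NULL;
    }
    /* Only the first child may have prev == NULL. Any other item without a
     * predecessor was never linked under parent (the case in the issue), so
     * refuse it instead of dereferencing item->prev. */
    if (item != parent->child && item->prev == NULL) {
        return NULL;
    }
    if (item != parent->child) {
        item->prev->next = item->next;   /* not the first element */
    } else {
        parent->child = item->next;      /* first element */
    }
    if (item->next != NULL) {
        item->next->prev = item->prev;   /* not the last element */
    }
    item->prev = item->next = NULL;
    return item;
}

/* Constructed case mirroring the report: two unrelated, childless nodes. */
int unrelated_item_is_rejected(void)
{
    node a = {0}, b = {0};
    return detach_checked(&b, &a) == NULL;
}

/* Constructed case: parent with children x <-> y <-> z, detach the middle one. */
int middle_item_is_detached(void)
{
    node x = {0}, y = {0}, z = {0}, p = {0};
    p.child = &x; x.next = &y; y.prev = &x; y.next = &z; z.prev = &y;
    return detach_checked(&p, &y) == &y && x.next == &z && z.prev == &x
        && y.prev == NULL && y.next == NULL;
}

int main(void)
{
    return (unrelated_item_is_rejected() && middle_item_is_detached()) ? 0 : 1;
}
```

The guard only catches an item with no predecessor; an item that is linked into a different parent's list still passes it, and a full membership test would have to walk `parent->child`.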