Fix server JSON duplicate-field cleanup #433

Open

539hex wants to merge 1 commit into antirez:main from 539hex:main

@539hex 539hex commented Jun 17, 2026

Summary

Fixes request parser cleanup for malformed duplicate JSON fields.

Several server JSON parsers replaced owned string/raw-value fields by freeing the
previous value before parsing the replacement. If a request repeated one of those
fields and the second value was malformed, the parser jumped to its cleanup path
while the pointer still referenced freed memory. The cleanup path could then free
the same pointer again.

This changes owned-field replacement to parse into a temporary value first, then
free/swap only after parsing succeeds.

Details

  • Adds small local json_*_replace() helpers for owned char * parser fields.
  • Applies the same replace-after-success pattern across OpenAI, Anthropic,
    Responses, and tool-schema request parsing.
  • Keeps existing selective parser structure, goto bad cleanup style, and
    request behavior.
  • Adds regression coverage for malformed duplicate owned fields.

Validation

Machine/backend/model:

  • Apple M2 Max
  • Metal backend
  • ds4flash.gguf / DeepSeek V4 Flash local symlink

Commands run:

make ds4_test ds4-server
./ds4_test --server
MallocNanoZone=0 MallocScribble=1 MallocErrorAbort=1 ./ds4_test --server
git diff --check

Runtime regression check:

MallocNanoZone=0 MallocScribble=1 MallocErrorAbort=1 \
  ./ds4-server --ctx 100 --ssd-streaming

Then, from another shell:

curl -i -H 'Content-Type: application/json' \
  --data-binary '{"model":"deepseek-v4-flash","max_tokens":1,"system":"ok","system":"bad\q","messages":[{"role":"user","content":"hello"}]}' \
  http://127.0.0.1:8000/v1/messages

Before the fix, this closed the connection without a response and the server
aborted with a malloc error:

ds4-server(...) malloc: *** error for object ...: pointer being freed was not allocated
ds4-server(...) malloc: *** set a breakpoint in malloc_error_break to debug

After the fix, it returns:

HTTP/1.1 400 Bad Request

A follow-up health check confirms the server stays alive:

curl -i http://127.0.0.1:8000/v1/models

Result:

HTTP/1.1 200 OK

This PR only claims the demonstrated remote malformed-request crash / memory-safety issue, and does not make broader exploitability claims.
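The following is an added illustration of the free-before-parse bug and the replace-after-success fix described in this PR. It is not the ds4 project's parser: the mini JSON string parser `json_parse_string_into`, the `struct request` with a single owned `system` field, the helper `json_string_replace` (same idea as the PR's `json_*_replace()` helpers, but with an assumed signature), and `set_system_before` / `set_system_after` / `duplicate_field_status` are all constructed for this example. The malformed value `"bad\q"` mirrors the curl request above.

```c
/* Constructed example for PR #433: "free first, then parse" versus
 * "parse into a temporary, then free/swap". Not the project's code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse one double-quoted JSON string with no escapes. On success, *out gets a
 * freshly malloc'd copy, *p advances past the closing quote, and 0 is returned.
 * On failure (for example a backslash escape such as "bad\q"), *out is NOT
 * written and -1 is returned. Parsers that only write the output on success
 * are exactly what makes the free-before-parse ordering dangerous. */
static int json_parse_string_into(const char **p, char **out) {
    const char *s = *p;
    if (*s != '"') return -1;
    const char *start = ++s;
    while (*s && *s != '"') {
        if (*s == '\\') return -1;   /* escapes unsupported here: malformed */
        s++;
    }
    if (*s != '"') return -1;
    size_t n = (size_t)(s - start);
    char *copy = malloc(n + 1);
    if (!copy) return -1;
    memcpy(copy, start, n);
    copy[n] = '\0';
    *out = copy;
    *p = s + 1;
    return 0;
}

/* A request with one owned string field (stands in for "system"). */
struct request { char *system; };

/* BEFORE (the bug the PR describes): the owned field is freed before the
 * replacement is parsed. If parsing fails, req->system still holds the freed
 * pointer and the shared cleanup path frees it a second time.
 * Shown for contrast only; it is never called. */
static int set_system_before(struct request *req, const char *raw) {
    free(req->system);
    if (json_parse_string_into(&raw, &req->system) != 0) goto bad;
    return 0;
bad:
    free(req->system);      /* double free: same pointer was freed above */
    req->system = NULL;
    return -1;
}

/* AFTER: parse into a temporary and only free/swap once parsing succeeded.
 * On failure *field is untouched, so the cleanup path frees a valid
 * pointer exactly once. Assumed helper, modelled on the PR's json_*_replace(). */
static int json_string_replace(const char *raw, char **field) {
    char *tmp = NULL;
    if (json_parse_string_into(&raw, &tmp) != 0) return -1;
    free(*field);
    *field = tmp;
    return 0;
}

static int set_system_after(struct request *req, const char *raw) {
    if (json_string_replace(raw, &req->system) != 0) goto bad;
    return 0;
bad:
    free(req->system);      /* frees the still-valid previous value, once */
    req->system = NULL;
    return -1;
}

/* Simulate a body that repeats the "system" field: apply both raw values in
 * order through the fixed path and report the HTTP status the server would
 * answer with (400 on a malformed duplicate, 200 otherwise). */
static int duplicate_field_status(const char *first, const char *second) {
    struct request req = { NULL };
    int status = 200;
    if (set_system_after(&req, first) != 0 || set_system_after(&req, second) != 0)
        status = 400;
    free(req.system);       /* NULL after a rejected request, owned otherwise */
    return status;
}

int main(void) {
    (void)set_system_before; /* documented only; calling it would double free */
    printf("duplicate ok/bad\\q -> %d\n", duplicate_field_status("\"ok\"", "\"bad\\q\""));
    printf("duplicate ok/fine  -> %d\n", duplicate_field_status("\"ok\"", "\"fine\""));
    return 0;
}
```

The essential difference is the order of operations in `json_string_replace`: the only way to reach `free(*field)` is through a successful parse, so a rejected duplicate leaves the field owning its previous value and the `goto bad` cleanup frees each allocation once.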
