NULL pointer dereference in microjson

Dear Eric S. Raymond,

We have found a NULL pointer dereference issue in microjson. The crash input is automatically generated by our test generation tool FOCAL. You can find example.c and crash.json in [crash.zip](/uploads/cab51545027343c8c63b9b4dad921332/crash.zip).

Here are the details to reproduce the crash.

  • OS & Compiler: Ubuntu Linux 16.04 x64 and GCC 5.4.0
  • Build command:

```
$ gcc -O -fsanitize=address -DDEBUG_ENABLE -g -DTIME_ENABLE example.c mjson.c mjson.h -o example
```

  • Run command:

```
$ ./example < crash.json
```

  • Outputs:

```
ASAN:SIGSEGV
=================================================================
==6316==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000402d11 bp 0x000000000000 sp 0x7ffdccec79e0 T0)
    #0 0x402d10 in json_internal_read_object /home/yhkim/microjson-1.4/mjson.c:211
    #1 0x404d22 in json_read_object /home/yhkim/microjson-1.4/mjson.c:778
    #2 0x40167c in json_devicelist_read /home/yhkim/microjson-1.4/example3.c:46
    #3 0x40167c in main /home/yhkim/microjson-1.4/example3.c:63
    #4 0x7f8c2a58882f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #5 0x401438 in _start (/home/yhkim/microjson-1.4/example+0x401438)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/yhkim/microjson-1.4/mjson.c:211 json_internal_read_object
==6316==ABORTING
```