From 74e1ff4994aa4139126967f6d289b675b4b36fef Mon Sep 17 00:00:00 2001
From: Lee
Date: Fri, 5 Sep 2025 14:53:20 +0800
Subject: [PATCH] fix the incorrect check in decode_array_index_from_pointer (#957)
this fixes CVE-2025-57052
---
 cJSON_Utils.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cJSON_Utils.c b/cJSON_Utils.c
index 63651df..8fa24f8 100644
--- a/cJSON_Utils.c
+++ b/cJSON_Utils.c
@@ -282,7 +282,7 @@ static cJSON_bool decode_array_index_from_pointer(const unsigned char * const po
 return 0;
 }
- for (position = 0; (pointer[position] >= '0') && (pointer[0] <= '9'); position++)
+ for (position = 0; (pointer[position] >= '0') && (pointer[position] <= '9'); position++)
 {
 parsed_index = (10 * parsed_index) + (size_t)(pointer[position] - '0');
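Review bot: The accumulation `parsed_index = (10 * parsed_index) + (size_t)(pointer[position] - '0');` inside the corrected loop still has no overflow guard, so a long enough run of digits would wrap (parsed_index looks like a size_t, judging by the cast) and the function would report an index the pointer never named. A bound check ahead of the multiply would reject such input, e.g. `if (parsed_index > (((size_t)-1) - 9) / 10) { return 0; }`. The declaration of parsed_index, the end of the loop body and whatever callers do with the decoded index lie outside the hunk, so confirm whether a later range check already covers this. A regression test feeding a byte above '9' after a leading digit would also pin the behaviour this commit fixes for CVE-2025-57052.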