Oj: Use-After-Free in Oj::Parser Symbol Key Cache Toggle
Summary Disabling symbolkeys on a reused Oj::Parser instance triggers a heap use-after-free. When symbolkeys is toggled from true to false, optsymbolkeysset frees the internal key cache cachefree but does not clear the pointer. The next parse call reads from the freed cache via cacheintern,...