fix the incorrect check in decode_array_index_from_pointer (#957)

this fixes CVE-2025-57052

diff --git a/cJSON_Utils.c b/cJSON_Utils.c
index 63651dfbb842ca980b881a6a27abff8c0aaff028..8fa24f8e9bf452cf1ba49d1325c85423ce742c74 100644 (file)
--- a/cJSON_Utils.c
+++ b/cJSON_Utils.c
@@ -282,7 +282,7 @@ static cJSON_bool decode_array_index_from_pointer(const unsigned char * const po
         return 0;
     }
 
-    for (position = 0; (pointer[position] >= '0') && (pointer[0] <= '9'); position++)
+    for (position = 0; (pointer[position] >= '0') && (pointer[position] <= '9'); position++)
     {
         parsed_index = (10 * parsed_index) + (size_t)(pointer[position] - '0');