Merge commit from fork

Fix potential out of bound read in `json_string_unescape`.

Author: byroot

CHANGES.md

@@ -1,5 +1,6 @@
 # Changes
 
+* Fix a potential crash in the C extension parser.
 * Raise a ParserError on all incomplete unicode escape sequence. This was the behavior until `2.10.0` unadvertently changed it.
 * Ensure document snippets that are included in parser errors don't include truncated multibyte characters.
 

ext/json/ext/parser/parser.c

@@ -608,7 +608,7 @@ static VALUE json_string_unescape(JSON_ParserState *state, const char *string, c
     buffer = RSTRING_PTR(result);
     bufferStart = buffer;
 
-    while ((pe = memchr(pe, '\\', stringEnd - pe))) {
+    while (pe < stringEnd && (pe = memchr(pe, '\\', stringEnd - pe))) {
         unescape = (char *) "?";
         unescape_len = 1;
         if (pe > p) {