Fix a null pointer crash in cJSON_ReplaceItemViaPointer

Fix-a-null-pointer-crash-in-cJSON_ReplaceItemViaPoin.patch

@@ -0,0 +1,25 @@
+From 73d8cbbaf1c8b5ceb5a46a8e7d9a24aa3edaf0a3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E8=82=96=E5=9C=A8?= <xiaozai@kylinos.cn>
+Date: Tue, 7 May 2024 11:40:54 +0800
+Subject: [PATCH] Fix a null pointer crash in cJSON_ReplaceItemViaPointer
+
+---
+ cJSON.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/cJSON.c b/cJSON.c
+index 349ebbd..a1073ed 100644
+--- a/cJSON.c
++++ b/cJSON.c
+@@ -2304,7 +2304,7 @@ CJSON_PUBLIC(cJSON_bool) cJSON_InsertItemInArray(cJSON *array, int which, cJSON
+ 
+ CJSON_PUBLIC(cJSON_bool) cJSON_ReplaceItemViaPointer(cJSON * const parent, cJSON * const item, cJSON * replacement)
+ {
+-    if ((parent == NULL) || (replacement == NULL) || (item == NULL))
++    if ((parent == NULL) || (parent->child == NULL) || (replacement == NULL) || (item == NULL))
+     {
+         return false;
+     }
+-- 
+2.33.0
+

cjson.spec

@@ -1,6 +1,6 @@
 Name:           cjson
 Version:        1.7.15
-Release:        4
+Release:        5
 Summary:        Ultralightweight JSON parser in ANSI C
  
 License:        MIT and ASL 2.0
@@ -10,10 +10,13 @@ Source0:        https://github.com/DaveGamble/cJSON/archive/refs/tags/v1.7.15.ta
 Patch0001:	backport-CVE-2023-50471_50472.patch
 Patch0002:	backport-fix-potential-memory-leak-in-merge_patch.patch
 Patch0003:	CVE-2024-31755.patch
+Patch0004:      Fix-a-null-pointer-crash-in-cJSON_ReplaceItemViaPoin.patch 
 
 BuildRequires:  gcc
 BuildRequires:  cmake
 
+
+
 %description
 cJSON aims to be the dumbest possible parser that you can get your job
 done with. It's a single file of C, and a single header file.
@@ -54,6 +57,9 @@ rm -f %{buildroot}%{_libdir}/cmake/cJSON/*.cmake
 %{_includedir}/cjson/
 
 %changelog
+* Tue May 07 2024 xiaozai <xiaozai@kylinos.cn> - 1.7.15-5
+- Fix a null pointer crash in cJSON_ReplaceItemViaPointer
+
 * Fri Apr 26 2024 lvfei <lvfei@kylinos.cn> - 1.7.15-4
 - fix CVE-2024-31755