diff --git a/backport-Fix-issue-875-cast-to-unsigned-char-so-bytes-above-0.patch b/backport-Fix-issue-875-cast-to-unsigned-char-so-bytes-above-0.patch new file mode 100644 index 0000000..f8e6dac --- /dev/null +++ b/backport-Fix-issue-875-cast-to-unsigned-char-so-bytes-above-0.patch @@ -0,0 +1,172 @@ +From 565f181f656439847ef79650caad5c0b6c20171b Mon Sep 17 00:00:00 2001 +From: Eric Hawicz +Date: Fri, 8 Nov 2024 22:20:40 -0500 +Subject: [PATCH] Fix issue #875: cast to unsigned char so bytes above 0x7f + aren't interpreted as negative, which was causing the strict-mode control + characters check to incorrectly trigger. + +--- + json_tokener.c | 2 +- + tests/test_parse.c | 17 ++++++++++++++--- + tests/test_parse.expected | 13 ++++++++++--- + 3 files changed, 25 insertions(+), 7 deletions(-) + +diff --git a/json_tokener.c b/json_tokener.c +index c831f8a..773229e 100644 +--- a/json_tokener.c ++++ b/json_tokener.c +@@ -678,7 +678,7 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char * + state = json_tokener_state_string_escape; + break; + } +- else if ((tok->flags & JSON_TOKENER_STRICT) && c <= 0x1f) ++ else if ((tok->flags & JSON_TOKENER_STRICT) && (unsigned char)c <= 0x1f) + { + // Disallow control characters in strict mode + tok->err = json_tokener_error_parse_string; +diff --git a/tests/test_parse.c b/tests/test_parse.c +index d664a31..525f68c 100644 +--- a/tests/test_parse.c ++++ b/tests/test_parse.c +@@ -297,6 +297,7 @@ struct incremental_step + {"d", -1, -1, json_tokener_continue, 0, 0}, + {"1", -1, -1, json_tokener_continue, 0, 0}, + {"e\"", -1, -1, json_tokener_success, 1, 0}, ++ + /* parse two char at every time */ + {"\"\\u", -1, -1, json_tokener_continue, 0, 0}, + {"d8", -1, -1, json_tokener_continue, 0, 0}, +@@ -322,6 +323,11 @@ struct incremental_step + {"\"fff \\ud83d\\ude", -1, -1, json_tokener_continue, 0, 0}, + {"00 bar\"", -1, -1, json_tokener_success, 1, 0}, + ++ /* Check a utf-8 char (a+umlaut) that has bytes that look negative when ++ char are signed (see also control char check below) */ ++ {"\"\xc3\xa4\"", -1, -1, json_tokener_success, 1, 0}, ++ {"\"\xc3\xa4\"", -1, -1, json_tokener_success, 1, JSON_TOKENER_STRICT}, ++ + /* Check that json_tokener_reset actually resets */ + {"{ \"foo", -1, -1, json_tokener_continue, 1, 0}, + {": \"bar\"}", -1, 0, json_tokener_error_parse_unexpected, 1, 0}, +@@ -394,8 +400,8 @@ struct incremental_step + + {"Infinity", 9, 8, json_tokener_success, 1, 0}, + {"infinity", 9, 8, json_tokener_success, 1, 0}, +- {"-infinity", 10, 9, json_tokener_success, 1, 0}, + {"infinity", 9, 0, json_tokener_error_parse_unexpected, 1, JSON_TOKENER_STRICT}, ++ {"-infinity", 10, 9, json_tokener_success, 1, 0}, + {"-infinity", 10, 1, json_tokener_error_parse_unexpected, 1, JSON_TOKENER_STRICT}, + + {"inf", 3, 3, json_tokener_continue, 0, 0}, +@@ -462,12 +468,15 @@ struct incremental_step + {"[18446744073709551616]", 23, 21, json_tokener_error_parse_number, 1, JSON_TOKENER_STRICT}, + + /* XXX this seems like a bug, should fail with _error_parse_number instead */ ++ {"18446744073709551616", 21, 20, json_tokener_success, 1, 0}, + {"18446744073709551616", 21, 20, json_tokener_error_parse_eof, 1, JSON_TOKENER_STRICT}, + + /* Exceeding integer limits as double parse OK */ + {"[9223372036854775808.0]", 24, 23, json_tokener_success, 1, 0}, ++ {"[-9223372036854775809.0]", 25, 24, json_tokener_success, 1, 0}, + {"[-9223372036854775809.0]", 25, 24, json_tokener_success, 1, JSON_TOKENER_STRICT}, + {"[18446744073709551615.0]", 25, 24, json_tokener_success, 1, 0}, ++ {"[18446744073709551616.0]", 25, 24, json_tokener_success, 1, 0}, + {"[18446744073709551616.0]", 25, 24, json_tokener_success, 1, JSON_TOKENER_STRICT}, + + /* offset=1 because "n" is the start of "null". hmm... */ +@@ -524,6 +533,7 @@ struct incremental_step + {"\"\\a\"", -1, 2, json_tokener_error_parse_string, 1, 0}, + + /* Check '\'' in strict model */ ++ {"\'foo\'", -1, 5, json_tokener_success, 1, 0}, + {"\'foo\'", -1, 0, json_tokener_error_parse_unexpected, 1, JSON_TOKENER_STRICT}, + + /* Parse array/object */ +@@ -544,9 +554,10 @@ struct incremental_step + * in what we accept (up to a point). + */ + {"[1,2,3,]", -1, -1, json_tokener_success, 0, 0}, ++ {"[1,2,3,]", -1, 7, json_tokener_error_parse_unexpected, 1, JSON_TOKENER_STRICT}, + {"[1,2,,3,]", -1, 5, json_tokener_error_parse_unexpected, 0, 0}, ++ {"[1,2,,3,]", -1, 5, json_tokener_error_parse_unexpected, 0, JSON_TOKENER_STRICT}, + +- {"[1,2,3,]", -1, 7, json_tokener_error_parse_unexpected, 1, JSON_TOKENER_STRICT}, + {"{\"a\":1,}", -1, 7, json_tokener_error_parse_unexpected, 1, JSON_TOKENER_STRICT}, + + // utf-8 test +@@ -656,7 +667,7 @@ static void test_incremental_parse(void) + printf("json_tokener_parse(%s) ... ", string_to_parse); + new_obj = json_tokener_parse(string_to_parse); + if (new_obj == NULL) +- puts("got error as expected"); ++ printf("%s", "got error as expected\n"); + + /* test incremental parsing in various forms */ + tok = json_tokener_new(); +diff --git a/tests/test_parse.expected b/tests/test_parse.expected +index 82db5db..cc5dd10 100644 +--- a/tests/test_parse.expected ++++ b/tests/test_parse.expected +@@ -134,6 +134,8 @@ json_tokener_parse_ex(tok, "fff \ud834\udd, 15) ... OK: got correct error: cont + json_tokener_parse_ex(tok, 1e bar" , 7) ... OK: got object of type [string]: "fff 𝄞 bar" + json_tokener_parse_ex(tok, "fff \ud83d\ude, 15) ... OK: got correct error: continue + json_tokener_parse_ex(tok, 00 bar" , 7) ... OK: got object of type [string]: "fff 😀 bar" ++json_tokener_parse_ex(tok, "ä" , 4) ... OK: got object of type [string]: "ä" ++json_tokener_parse_ex(tok, "ä" , 4) ... OK: got object of type [string]: "ä" + json_tokener_parse_ex(tok, { "foo , 6) ... OK: got correct error: continue + json_tokener_parse_ex(tok, : "bar"} , 8) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, { "foo , 6) ... OK: got correct error: continue +@@ -177,8 +179,8 @@ json_tokener_parse_ex(tok, null , 4) ... OK: got correct error: continu + json_tokener_parse_ex(tok, null , 5) ... OK: got object of type [null]: null + json_tokener_parse_ex(tok, Infinity , 9) ... OK: got object of type [double]: Infinity + json_tokener_parse_ex(tok, infinity , 9) ... OK: got object of type [double]: Infinity +-json_tokener_parse_ex(tok, -infinity , 10) ... OK: got object of type [double]: -Infinity + json_tokener_parse_ex(tok, infinity , 9) ... OK: got correct error: unexpected character ++json_tokener_parse_ex(tok, -infinity , 10) ... OK: got object of type [double]: -Infinity + json_tokener_parse_ex(tok, -infinity , 10) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, inf , 3) ... OK: got correct error: continue + json_tokener_parse_ex(tok, inity , 6) ... OK: got object of type [double]: Infinity +@@ -218,11 +220,14 @@ json_tokener_parse_ex(tok, [-9223372036854775809], 23) ... OK: got correct erro + json_tokener_parse_ex(tok, [18446744073709551615], 23) ... OK: got object of type [array]: [ 18446744073709551615 ] + json_tokener_parse_ex(tok, [18446744073709551616], 23) ... OK: got object of type [array]: [ 18446744073709551615 ] + json_tokener_parse_ex(tok, [18446744073709551616], 23) ... OK: got correct error: number expected ++json_tokener_parse_ex(tok, 18446744073709551616, 21) ... OK: got object of type [int]: 18446744073709551615 + json_tokener_parse_ex(tok, 18446744073709551616, 21) ... OK: got correct error: unexpected end of data + json_tokener_parse_ex(tok, [9223372036854775808.0], 24) ... OK: got object of type [array]: [ 9223372036854775808.0 ] + json_tokener_parse_ex(tok, [-9223372036854775809.0], 25) ... OK: got object of type [array]: [ -9223372036854775809.0 ] ++json_tokener_parse_ex(tok, [-9223372036854775809.0], 25) ... OK: got object of type [array]: [ -9223372036854775809.0 ] + json_tokener_parse_ex(tok, [18446744073709551615.0], 25) ... OK: got object of type [array]: [ 18446744073709551615.0 ] + json_tokener_parse_ex(tok, [18446744073709551616.0], 25) ... OK: got object of type [array]: [ 18446744073709551616.0 ] ++json_tokener_parse_ex(tok, [18446744073709551616.0], 25) ... OK: got object of type [array]: [ 18446744073709551616.0 ] + json_tokener_parse_ex(tok, noodle , 7) ... OK: got correct error: null expected + json_tokener_parse_ex(tok, naodle , 7) ... OK: got correct error: null expected + json_tokener_parse_ex(tok, track , 6) ... OK: got correct error: boolean expected +@@ -250,6 +255,7 @@ json_tokener_parse_ex(tok, "\t" , 4) ... OK: got object of type [string + json_tokener_parse_ex(tok, "\/" , 4) ... OK: got object of type [string]: "\/" + json_tokener_parse_ex(tok, "/" , 3) ... OK: got object of type [string]: "\/" + json_tokener_parse_ex(tok, "\a" , 4) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, 'foo' , 5) ... OK: got object of type [string]: "foo" + json_tokener_parse_ex(tok, 'foo' , 5) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, [1,2,3] , 7) ... OK: got object of type [array]: [ 1, 2, 3 ] + json_tokener_parse_ex(tok, [1,2,3} , 7) ... OK: got correct error: array value separator ',' expected +@@ -263,8 +269,9 @@ json_tokener_parse_ex(tok, {"a":1 , 6) ... OK: got correct error: continu + json_tokener_parse_ex(tok, [,] , 3) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, [,1] , 4) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, [1,2,3,] , 8) ... OK: got object of type [array]: [ 1, 2, 3 ] +-json_tokener_parse_ex(tok, [1,2,,3,] , 9) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, [1,2,3,] , 8) ... OK: got correct error: unexpected character ++json_tokener_parse_ex(tok, [1,2,,3,] , 9) ... OK: got correct error: unexpected character ++json_tokener_parse_ex(tok, [1,2,,3,] , 9) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, {"a":1,} , 8) ... OK: got correct error: unexpected character + json_tokener_parse_ex(tok, "123asc$%&" , 11) ... OK: got object of type [string]: "123asc$%&" + json_tokener_parse_ex(tok, "123asc$%&" , 11) ... OK: got object of type [string]: "123asc$%&" +@@ -322,5 +329,5 @@ json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid + json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence + json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence + json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence +-End Incremental Tests OK=230 ERROR=0 ++End Incremental Tests OK=237 ERROR=0 + ================================== +-- +2.43.0 + diff --git a/backport-Fix-the-expected-output-for-test_parse.patch b/backport-Fix-the-expected-output-for-test_parse.patch new file mode 100644 index 0000000..1b67d36 --- /dev/null +++ b/backport-Fix-the-expected-output-for-test_parse.patch @@ -0,0 +1,57 @@ +From 87900c0a2e688013d50326931eaa835b5a80f56b Mon Sep 17 00:00:00 2001 +From: Eric Hawicz +Date: Sun, 15 Sep 2024 11:59:05 -0400 +Subject: [PATCH] Fix the expected output for test_parse + +--- + tests/test_parse.expected | 36 +++++++++++++++++++++++++++++++++++- + 1 file changed, 35 insertions(+), 1 deletion(-) + +diff --git a/tests/test_parse.expected b/tests/test_parse.expected +index 50fb6d8..82db5db 100644 +--- a/tests/test_parse.expected ++++ b/tests/test_parse.expected +@@ -288,5 +288,39 @@ json_tokener_parse_ex(tok, "\ud855 + json_tokener_parse_ex(tok, "\ud0031" , 10) ... OK: got correct error: invalid utf-8 string + json_tokener_parse_ex(tok, 1111 , 5) ... OK: got correct error: invalid utf-8 string + json_tokener_parse_ex(tok, {"1":1} , 8) ... OK: got correct error: invalid utf-8 string +-End Incremental Tests OK=198 ERROR=0 ++json_tokener_parse_ex(tok, "0 ++ ", 36) ... OK: got object of type [string]: "0\u0001\u0002\u0002\u0003\u0004\u0005\u0006\u0007\b\t\n\u000b\f\r\u000e\u000f\u0010\u0011\u0012\u0012\u0013\u0014\u0015\u0016\u0017\u0018\u0019\u001a\u001b\u001c\u001d\u001e\u001f" ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, " " , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, " ++" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, " " , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, " " , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, " " , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++json_tokener_parse_ex(tok, "" , 3) ... OK: got correct error: invalid string sequence ++End Incremental Tests OK=230 ERROR=0 + ================================== +-- +2.43.0 + diff --git a/backport-Issue-867-disallow-control-characters-in-strict-mode.patch b/backport-Issue-867-disallow-control-characters-in-strict-mode.patch new file mode 100644 index 0000000..e5f49c5 --- /dev/null +++ b/backport-Issue-867-disallow-control-characters-in-strict-mode.patch @@ -0,0 +1,88 @@ +From 6bfab90c87c27e79eae28b775938756d2fdaf6c9 Mon Sep 17 00:00:00 2001 +From: Eric Hawicz +Date: Mon, 2 Sep 2024 09:43:04 -0400 +Subject: [PATCH] Issue #867: disallow control characters in strict mode. + +--- + json_tokener.c | 6 ++++++ + tests/test_parse.c | 40 +++++++++++++++++++++++++++++++++++++++- + 2 files changed, 45 insertions(+), 1 deletion(-) + +diff --git a/json_tokener.c b/json_tokener.c +index 0a86d82..c831f8a 100644 +--- a/json_tokener.c ++++ b/json_tokener.c +@@ -678,6 +678,12 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char * + state = json_tokener_state_string_escape; + break; + } ++ else if ((tok->flags & JSON_TOKENER_STRICT) && c <= 0x1f) ++ { ++ // Disallow control characters in strict mode ++ tok->err = json_tokener_error_parse_string; ++ goto out; ++ } + if (!ADVANCE_CHAR(str, tok) || !PEEK_CHAR(c, tok)) + { + printbuf_memappend_checked(tok->pb, case_start, +diff --git a/tests/test_parse.c b/tests/test_parse.c +index 92d822a..d664a31 100644 +--- a/tests/test_parse.c ++++ b/tests/test_parse.c +@@ -535,7 +535,7 @@ struct incremental_step + {"{\"a\":}", -1, 5, json_tokener_error_parse_unexpected, 1, 0}, + {"{\"a\":1,\"a\":2}", -1, -1, json_tokener_success, 1, 0}, + {"\"a\":1}", -1, 3, json_tokener_success, 1, 0}, +- {"{\"a\":1", -1, -1, json_tokener_continue, 1, 0}, ++ {"{\"a\":1", -1, -1, json_tokener_continue, 1, 0}, //} + {"[,]", -1, 1, json_tokener_error_parse_unexpected, 1, 0}, + {"[,1]", -1, 1, json_tokener_error_parse_unexpected, 1, 0}, + +@@ -595,6 +595,44 @@ struct incremental_step + {"\x7b\x22\x31\x81\x22\x3a\x31\x7d", -1, 3, json_tokener_error_parse_utf8_string, 1, + JSON_TOKENER_VALIDATE_UTF8}, + ++ // Note, current asciiz APIs can't parse \x00, skip it ++ { "\"0\x01\x02\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" \ ++ "\x10\x11\x12\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\"", ++ -1, -1, json_tokener_success, 1, 0 }, ++ ++ // Test control chars again, this time in strict mode, which should fail ++ { "\"\x01\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x02\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x03\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x04\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x05\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x06\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x07\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x08\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x09\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x0a\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x0b\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x0c\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x0d\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x0e\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x0f\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x10\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x11\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x12\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x13\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x14\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x15\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x16\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x17\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x18\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x19\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x1a\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x1b\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x1c\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x1d\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x1e\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ { "\"\x1f\"", -1, 1, json_tokener_error_parse_string, 1, JSON_TOKENER_STRICT }, ++ + {NULL, -1, -1, json_tokener_success, 0, 0}, + }; + +-- +2.43.0 + diff --git a/json-c.spec b/json-c.spec index abaa63a..92b8260 100644 --- a/json-c.spec +++ b/json-c.spec @@ -6,7 +6,7 @@ Name: json-c Version: 0.17 -Release: 4 +Release: 5 Summary: JSON implementation in C License: MIT @@ -19,6 +19,9 @@ Patch001: backport-fix-issue-854-Set-error-json_tokener_error_memory-in.pa Patch002: backport-Handle-yet-another-out-of-memory-condition.patch Patch003: backport-Issue-857-fix-a-few-places-where-json_tokener-should.patch Patch004: backport-Take-2-fixing-the-placement-of-json_tokener_error_memory.patch +Patch005: backport-Issue-867-disallow-control-characters-in-strict-mode.patch +Patch006: backport-Fix-the-expected-output-for-test_parse.patch +Patch007: backport-Fix-issue-875-cast-to-unsigned-char-so-bytes-above-0.patch %description JSON-C implements a reference counting object model that allows you @@ -106,6 +109,11 @@ end %doc %{_pkgdocdir} %changelog +* Wed Dec 04 2024 yueyuankun - 0.17-5 +- Disallow control characters in strict mode +- Fix the expected output for test_parse +- Fix causing the strict-mode control characters check to incorrectly trigger + * Tue Sep 24 2024 sunhai - 0.17-4 - Take 2 fixing the placement of json_tokener_error_memory in the enum.