From 48fab61885c850363a66541f85abbbcf89b060e0 Mon Sep 17 00:00:00 2001
From: zhangrui
Date: Fri, 21 Apr 2023 11:17:29 +0800
Subject: [PATCH] backport patch to fix integer overflow
---
 ...ck-for-integer-overflow-when-parsing.patch | 52 +++++++++++++++++++
 json-c.spec | 6 ++-
 2 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 backport-Explicitly-check-for-integer-overflow-when-parsing.patch
diff --git a/backport-Explicitly-check-for-integer-overflow-when-parsing.patch b/backport-Explicitly-check-for-integer-overflow-when-parsing.patch
new file mode 100644
index 0000000..64dc78d
--- /dev/null
+++ b/backport-Explicitly-check-for-integer-overflow-when-parsing.patch
@@ -0,0 +1,52 @@
+From d6f46ae104871360f84695737864870c97adfd14 Mon Sep 17 00:00:00 2001
+From: Eric Haszlakiewicz
+Date: Sun, 30 Oct 2022 19:29:15 +0000
+Subject: [PATCH] Explicitly check for integer overflow/underflow when
+ parsing integers with JSON_TOKENER_STRICT.
+
+Reference:https://github.com/json-c/json-c/commit/d6f46ae104871360f84695737864870c97adfd14
+Conflict:Ignore changes in the ChangeLog and test because the pre-feature patch is not merged
+
+---
+ json_tokener.c | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/json_tokener.c b/json_tokener.c
+index 0c09b66..1feee65 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -17,6 +17,7 @@
+
+ #include "math_compat.h"
+ #include
++#include
+ #include
+ #include
+ #include
+@@ -991,6 +992,11 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
+ if (!tok->is_double && tok->pb->buf[0] == '-' &&
+ json_parse_int64(tok->pb->buf, &num64) == 0)
+ {
++ if (errno == ERANGE && (tok->flags & JSON_TOKENER_STRICT))
++ {
++ tok->err = json_tokener_error_parse_number;
++ goto out;
++ }
+ current = json_object_new_int64(num64);
+ if (current == NULL)
+ goto out;
+@@ -998,6 +1004,11 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
+ else if (!tok->is_double && tok->pb->buf[0] != '-' &&
+ json_parse_uint64(tok->pb->buf, &numuint64) == 0)
+ {
++ if(errno==ERANGE&&(tok->flags & JSON_TOKENER_STRICT))
++ {
++ tok->err=json_tokener_error_parse_number;
++ goto out;
++ }
+ if (numuint64 && tok->pb->buf[0] == '0' &&
+ (tok->flags & JSON_TOKENER_STRICT))
+ {
+--
+2.27.0
+
diff --git a/json-c.spec b/json-c.spec
index 792a432..0014398 100644
--- a/json-c.spec
+++ b/json-c.spec
@@ -6,7 +6,7 @@
 Name: json-c
 Version: 0.16
-Release: 2
+Release: 3
 Summary: JSON implementation in C
 License: MIT
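Review bot: In the embedded json_tokener.c patch, the block added to the `json_parse_uint64` branch is spelled `if(errno==ERANGE&&(tok->flags & JSON_TOKENER_STRICT))` and `tok->err=json_tokener_error_parse_number;`, unlike the otherwise identical block in the `json_parse_int64` branch; write it as `if (errno == ERANGE && (tok->flags & JSON_TOKENER_STRICT))` and `tok->err = json_tokener_error_parse_number;`, or better, regenerate the file from the commit named in the Reference line so the backport stays byte-comparable with upstream during audits. Both checks read `errno` only after the helper has returned 0, which is sound only if `json_parse_int64` and `json_parse_uint64` clear `errno` before converting; those helpers are outside the hunk, so confirm this against the 0.16 sources. The Conflict line says the upstream test changes were dropped, so nothing in this package exercises the new rejection path. Because the check is gated on `JSON_TOKENER_STRICT`, callers that parse untrusted input without that flag presumably still receive the saturated value with no error, which is worth stating in the changelog entry.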
@@ -18,6 +18,7 @@ BuildRequires: cmake gcc ninja-build
 Patch6001: backport-Add-test-to-check-for-the-memory-leak-mentioned-in-issue-781.patch
 Patch6002: backport-Fix-memory-leak-with-emtpy-strings-in-json_object_set_string.patch
 Patch6003: backport-json_object_from_fd_ex-fail-if-file-is-too-large.patch
+Patch6004: backport-Explicitly-check-for-integer-overflow-when-parsing.patch
 %description
 JSON-C implements a reference counting object model that allows you
@@ -105,6 +106,9 @@ end
 %doc %{_pkgdocdir}
 %changelog
+* Fri Apr 21 2023 zhangrui - 0.16-3
+- backport patch to fix integer overflow
+
 * Mon Nov 14 2022 mengkanglai - 0.16-2
 - add backport-Add-test-to-check-for-the-memory-leak-mentioned-in-issue-781.patch
 - add backport-Fix-memory-leak-with-emtpy-strings-in-json_object_set_string.patch