packages/json-c
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!21 add backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch

Browse Source 
From: @wcc_140409 
Reviewed-by: @t_feng, @yanan-rock 
Signed-off-by: @yanan-rock, @t_feng
This commit is contained in:
openeuler-ci-bot 2022-05-06 09:39:19 +00:00 committed by Gitee
commit f5ab3ee920
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 54 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch Normal file
View File

@ -0,0 +1,48 @@
From 296db618e9d1862aea788e90e751b4999db41a2a Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Wed, 12 Jan 2022 23:43:03 +0100
Subject: [PATCH] json_escape_str(): avoid harmless unsigned integer overflow
Current behaviour is perfectly valid, since wrap-over upon overflow is
well defined behaviour for unsigned types, but it is nevertheless nice to be
able to build with -fsanitize=undefined,unsigned-integer-overflow
There is no significant effect on the generated assembly as can be seen
on the diff of objdump -d output on a optimized build (the compiler
just decided to switch the order of a comparison):
@@ -135,8 +135,8 @@
1d0: 0f 84 70 ff ff ff je 146 <json_escape_str+0x146>
1d6: 4c 3b 24 24 cmp (%rsp),%r12
1da: 0f 85 2d ff ff ff jne 10d <json_escape_str+0x10d>
- 1e0: 49 39 f4 cmp %rsi,%r12
- 1e3: 0f 87 b7 00 00 00 ja 2a0 <json_escape_str+0x2a0>
+ 1e0: 4c 39 e6 cmp %r12,%rsi
+ 1e3: 0f 82 b7 00 00 00 jb 2a0 <json_escape_str+0x2a0>
1e9: 48 8b 44 24 18 mov 0x18(%rsp),%rax
1ee: 64 48 33 04 25 28 00 xor %fs:0x28,%rax
1f5: 00 00
Conflict:NA
Reference:https://github.com/json-c/json-c/commit/296db618e9d1862aea788e90e751b4999db41a2a
---
json_object.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/json_object.c b/json_object.c
index 9198257..3216941 100644
--- a/json_object.c
+++ b/json_object.c
@@ -216,8 +216,9 @@ static int json_escape_str(struct printbuf *pb, const char *str, size_t len, int
{
int pos = 0, start_offset = 0;
unsigned char c;
- while (len--)
+ while (len)
{
+ --len;
c = str[pos];
switch (c)
{
--
2.27.0

7
json-c.spec
View File

@ -6,7 +6,7 @@
Name: json-c Name: json-c
Version: 0.15 Version: 0.15
Release: 3 Release: 4
Summary: JSON implementation in C Summary: JSON implementation in C
License: MIT License: MIT
@ -27,6 +27,8 @@ Summary: Development files for %{name}
Requires: %{name}%{?_isa} == %{version}-%{release} Requires: %{name}%{?_isa} == %{version}-%{release}
Patch6001: backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
%description devel %description devel
This package contains libraries and header files for This package contains libraries and header files for
developing applications that use %{name}. developing applications that use %{name}.
@ -96,6 +98,9 @@ hardlink -cfv %{buildroot}%{_pkgdocdir}
%doc %{_pkgdocdir} %doc %{_pkgdocdir}
%changelog %changelog
* Fri May 6 2022 wuchaochao <cyanrose@yeah.net> - 0.15-4
- add backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
* Thu Apr 7 2022 wuchaochao <cyanrose@yeah.net> - 0.15-3 * Thu Apr 7 2022 wuchaochao <cyanrose@yeah.net> - 0.15-3
- add check - add check