From 24c09a61cce8e89990814d7d03f7ff957f40083e Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Fri, 1 Mar 2024 11:00:29 +0800
Subject: [PATCH] Fix CVE-2023-51074
---
 CVE-2023-51074.patch | 70 ++++++++++++++++++++++++++++++++++++++++++++
 json-path.spec | 13 ++++----
 2 files changed, 78 insertions(+), 5 deletions(-)
 create mode 100644 CVE-2023-51074.patch
diff --git a/CVE-2023-51074.patch b/CVE-2023-51074.patch
new file mode 100644
index 0000000..5296adb
--- /dev/null
+++ b/CVE-2023-51074.patch
@@ -0,0 +1,70 @@
+From 71a09c1193726c010917f1157ecbb069ad6c3e3b Mon Sep 17 00:00:00 2001
+From: Tobi <22715034+twobiers@users.noreply.github.com>
+Date: Thu, 18 Jan 2024 16:48:57 +0100
+Subject: [PATCH] Check for the existence of the next significant bracket
+ (#985)
+
+---
+ .../jayway/jsonpath/internal/path/PathCompiler.java | 6 +++++-
+ .../src/test/java/com/jayway/jsonpath/Issue_970.java | 12 ++++++++++++
+ .../src/test/java/com/jayway/jsonpath/Issue_973.java | 12 ++++++++++++
+ 3 files changed, 29 insertions(+), 1 deletion(-)
+ create mode 100644 json-path/src/test/java/com/jayway/jsonpath/Issue_970.java
+ create mode 100644 json-path/src/test/java/com/jayway/jsonpath/Issue_973.java
+
+diff --git a/json-path/src/main/java/com/jayway/jsonpath/internal/path/PathCompiler.java b/json-path/src/main/java/com/jayway/jsonpath/internal/path/PathCompiler.java
+index e4fcd31..e0fb96e 100644
+--- a/json-path/src/main/java/com/jayway/jsonpath/internal/path/PathCompiler.java
++++ b/json-path/src/main/java/com/jayway/jsonpath/internal/path/PathCompiler.java
+@@ -374,7 +374,11 @@ public class PathCompiler {
+ readPosition++;
+ }
+
+- int endBracketIndex = path.indexOfNextSignificantChar(endPosition, CLOSE_SQUARE_BRACKET) + 1;
++ int endBracketIndex = path.indexOfNextSignificantChar(endPosition, CLOSE_SQUARE_BRACKET);
++ if(endBracketIndex == -1) {
++ fail("Property has not been closed - missing closing ]");
++ }
++ endBracketIndex++;
+
+ path.setPosition(endBracketIndex);
+
+diff --git a/json-path/src/test/java/com/jayway/jsonpath/Issue_970.java b/json-path/src/test/java/com/jayway/jsonpath/Issue_970.java
+new file mode 100644
+index 0000000..25f52b7
+--- /dev/null
++++ b/json-path/src/test/java/com/jayway/jsonpath/Issue_970.java
+@@ -0,0 +1,12 @@
++package com.jayway.jsonpath;
++
++import org.junit.Test;
++
++import static org.assertj.core.api.Assertions.assertThatNoException;
++
++public class Issue_970 {
++ @Test
++ public void shouldNotCauseStackOverflow() {
++ assertThatNoException().isThrownBy(() -> Criteria.where("[']',"));
++ }
++}
+diff --git a/json-path/src/test/java/com/jayway/jsonpath/Issue_973.java b/json-path/src/test/java/com/jayway/jsonpath/Issue_973.java
+new file mode 100644
+index 0000000..a1d05ac
+--- /dev/null
++++ b/json-path/src/test/java/com/jayway/jsonpath/Issue_973.java
+@@ -0,0 +1,12 @@
++package com.jayway.jsonpath;
++
++import org.junit.Test;
++
++import static org.assertj.core.api.Assertions.*;
++
++public class Issue_973 {
++ @Test
++ public void shouldNotCauseStackOverflow() {
++ assertThatNoException().isThrownBy(() -> Criteria.parse("@[\"\",/\\"));
++ }
++}
+--
+2.33.0
+
diff --git a/json-path.spec b/json-path.spec
index 7a856df..6c8a61a 100644
--- a/json-path.spec
+++ b/json-path.spec
@@ -1,6 +1,6 @@
 Name: json-path
 Version: 2.1.0
-Release: 2
+Release: 3
 Summary: Java JsonPath implementation
 License: ASL 2.0 and BSD
 URL: https://github.com/jayway/JsonPath
@@ -9,6 +9,8 @@ Source1: https://repo1.maven.org/maven2/com/jayway/jsonpath/json-pat
 Source2: https://repo1.maven.org/maven2/com/jayway/jsonpath/json-path-assert/%{version}/json-path-assert-%{version}.pom
 Patch0: %{name}-2.1.0-JsonOrg.patch
 Patch1: fix-Upgrade-to-Hamcrest-2.2.patch
+# https://github.com/json-path/JsonPath/commit/71a09c1193726c010917f1157ecbb069ad6c3e3b
+Patch2: CVE-2023-51074.patch
 BuildRequires: maven-local mvn(com.fasterxml.jackson.core:jackson-databind)
 BuildRequires: mvn(com.google.code.gson:gson) mvn(commons-io:commons-io) mvn(junit:junit)
 BuildRequires: mvn(net.minidev:json-smart) mvn(org.apache.felix:maven-bundle-plugin)
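Review bot: The new guard in the `PathCompiler` hunk of CVE-2023-51074.patch only protects the parser if `fail(...)` never returns, and `fail` is defined outside this hunk. If it did return, `endBracketIndex++` would turn -1 into 0 and `path.setPosition(endBracketIndex)` would rewind to the start of the path, which is presumably the re-parse loop behind the stack overflow that `Issue_970` and `Issue_973` are named for. A one-line comment above the check would record the reason, e.g. `// indexOfNextSignificantChar returns -1 when no ']' follows; -1 + 1 would rewind the position to 0`. The upstream hunk is positioned at line 374 of the tree it was cut from, while the spec packages 2.1.0, so it is worth confirming that it applies without fuzz and that `fail` throws in that version. The enclosing method starts and ends outside the hunk.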
@@ -24,13 +26,11 @@ Summary: Javadoc for %{name}
 This package contains javadoc for %{name}.
 %prep
-%setup -q -n JsonPath-%{name}-%{version}
+%autosetup -n JsonPath-%{name}-%{version} -p1
 find -type f -name *.jar -print -delete
 find -type f -name *.class -print -delete
 cp -p %{SOURCE1} %{name}/pom.xml
 cp -p %{SOURCE2} %{name}-assert/pom.xml
-%patch0 -p1
-%patch1 -p1
 rm -rf %{name}/src/main/java/com/jayway/jsonpath/spi/json/JsonOrg*.java \
 %{name}/src/main/java/com/jayway/jsonpath/spi/mapper/JsonOrg*.java \
 %{name}/src/test/java/com/jayway/jsonpath/JsonOrg*.java
@@ -94,7 +94,7 @@ done
 %mvn_package :%{name}-parent __noinstall
 %build
-%mvn_build -- -Dproject.build.sourceEncoding=UTF-8
+%mvn_build -f -- -Dproject.build.sourceEncoding=UTF-8 -Dsource=8
 %install
 %mvn_install
@@ -107,6 +107,9 @@ done
 %license LICENSE
 %changelog
+* Fri Mar 01 2024 yaoxin - 2.1.0-3
+- Fix CVE-2023-51074
+
 * Sat Oct 07 2023 wangkai <13474090681@163.com> - 2.1.0-2
 - Fix build error for hamcrest-2.2
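Review bot: Switching to `%autosetup -p1` changes when Patch0 and Patch1 are applied: they now run right after unpacking, whereas the removed `%patch0 -p1` and `%patch1 -p1` ran after the two `cp -p ... pom.xml` lines. The contents of those patches are not visible here, but if either one edits `%{name}/pom.xml` or `%{name}-assert/pom.xml`, it will now either fail to apply or be overwritten by the later `cp -p`. Keeping `%setup -q` and adding `%patch2 -p1` after the existing `%patch1 -p1` would preserve the old ordering. If the reordering is intentional, a comment such as `# no patch touches the POMs copied below` would make that checkable.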
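Review bot: Adding `-f` to `%mvn_build` skips test compilation and execution, so the `Issue_970` and `Issue_973` regression tests carried in CVE-2023-51074.patch never run during the package build. Nothing in the build then verifies that the backport stops the stack overflow on 2.1.0. Neither `-f` nor `-Dsource=8` is mentioned in the changelog entry, which only says `- Fix CVE-2023-51074`. If tests have to stay off (the new tests import AssertJ and no AssertJ BuildRequires is visible in these hunks), a spec comment such as `# tests skipped via -f (REASON); CVE-2023-51074 regression tests are not run` would make the gap explicit. Otherwise drop `-f` so the two tests gate the build.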