fix heap buffer overflow in yaml_emitter_emit_flow_mapping_key

fix-heap-buffer-overflow-in-yaml_emitter_emit_flow_m.patch

@@ -0,0 +1,26 @@
+From 7015a5e99fecc195e36f2334b046b19abfc718c1 Mon Sep 17 00:00:00 2001
+From: panxiaohe <panxh.life@foxmail.com>
+Date: Mon, 18 Apr 2022 15:26:11 +0800
+Subject: [PATCH] fix heap buffer overflow in
+ yaml_emitter_emit_flow_mapping_key
+
+---
+ src/emitter.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/emitter.c b/src/emitter.c
+index 609b28a..a9f39ec 100644
+--- a/src/emitter.c
++++ b/src/emitter.c
+@@ -806,6 +806,8 @@ yaml_emitter_emit_flow_mapping_key(yaml_emitter_t *emitter,
+ 
+     if (event->type == YAML_MAPPING_END_EVENT)
+     {
++        if (STACK_EMPTY(emitter, emitter->indents))
++            return 0;
+         emitter->flow_level --;
+         emitter->indent = POP(emitter, emitter->indents);
+         if (emitter->canonical && !first) {
+-- 
+1.8.3.1
+

libyaml.spec

@@ -1,11 +1,13 @@
 Name:       libyaml
 Version:    0.2.5
-Release:    2
+Release:    3
 Summary:    A C library for parsing and emitting YAML
 License:    MIT
 URL:        http://pyyaml.org/
 Source0:    http://pyyaml.org/download/libyaml/yaml-%{version}.tar.gz
 
+Patch0:     fix-heap-buffer-overflow-in-yaml_emitter_emit_flow_m.patch 
+
 BuildRequires:  gcc
 
 %description
@@ -67,6 +69,9 @@ make check
 
 
 %changelog
+* Mon Apr 18 2022 panxiaohe <panxh.life@foxmail.com> - 0.2.5-3
+- fix heap buffer overflow in yaml_emitter_emit_flow_mapping_key
+
 * Wed Feb 23 2022 fuanan <fuanan3@h-partners.com> - 0.2.5-2
 - fix typo in spec