packages/yajl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2017-16516

Browse Source
This commit is contained in:
Filpped 2025-01-14 14:42:29 +08:00
parent 00b5f9effb
commit 61664555a9
2 changed files with 48 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
backport-Fix-for-CVE-2017-16516.patch Normal file
View File

@ -0,0 +1,43 @@
From 0b5e73c4321de0ba1d495fdc0967054b2a77931c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Mon, 10 Jul 2023 13:36:10 +0100
Subject: [PATCH 5/8] Fix for CVE-2017-16516
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Description: Fix for CVE-2017-16516
Potential buffer overread: A JSON file can cause denial of service.
Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040036
Bug: https://github.com/lloyd/yajl/issues/248
Patch taken from Debian package source
NB, Fedora code can't trigger the reported aborts since it passes the
-DNDEBUG flag, but pulling the fix for robustness in case a future
change enables the assert()s.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
src/yajl_encode.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/yajl_encode.c b/src/yajl_encode.c
index fd08258..0d97cc5 100644
--- a/src/yajl_encode.c
+++ b/src/yajl_encode.c
@@ -139,8 +139,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str,
end+=3;
/* check if this is a surrogate */
if ((codepoint & 0xFC00) == 0xD800) {
- end++;
- if (str[end] == '\\' && str[end + 1] == 'u') {
+ if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') {
+ end++;
unsigned int surrogate = 0;
hexToDigit(&surrogate, str + end + 2);
codepoint =
--
2.41.0

6
yajl.spec
View File

@ -1,6 +1,6 @@
Name: yajl
Version: 2.1.0
Release: 20
Release: 21
Summary: Yet Another JSON Library
License: ISC
URL: https://github.com/lloyd/yajl
@ -15,6 +15,7 @@ Patch6: 0006-fix-memory-leak-of-ctx-root.patch
Patch7: 0007-add-cmake-option-for-test-and-binary.patch
Patch8: backport-CVE-2022-24795.patch
Patch9: yajl-assert-error-when-memory-allocation-failed.patch
Patch10: backport-Fix-for-CVE-2017-16516.patch
BuildRequires: cmake gcc
@ -71,6 +72,9 @@ cd ../api
%{_libdir}/libyajl_s.a
%changelog
* Tue Jan 14 2025 pengjian <pengjian23@mails.ucas.ac.cn> - 2.1.0-21
- fix CVE-2017-16516
* Wed Nov 16 2022 fuanan <fuanan3@h-partners.com> - 2.1.0-20
- Modify Source0