Fix SAST findings in jq 1.6
Resolves: RHEL-28653
This commit is contained in:
parent
82160163a2
commit
d58da5b4b5
52
0005-sast.patch
Normal file
52
0005-sast.patch
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
diff -up jq-1.6/src/jq_test.c.orig jq-1.6/src/jq_test.c
|
||||||
|
--- jq-1.6/src/jq_test.c.orig 2024-05-03 11:47:47.403617188 +0200
|
||||||
|
+++ jq-1.6/src/jq_test.c 2024-05-03 11:48:46.569675199 +0200
|
||||||
|
@@ -16,6 +16,7 @@ static void run_jq_pthread_tests();
|
||||||
|
|
||||||
|
int jq_testsuite(jv libdirs, int verbose, int argc, char* argv[]) {
|
||||||
|
FILE *testdata = stdin;
|
||||||
|
+ const char *testdata_filename = NULL;
|
||||||
|
int skip = -1;
|
||||||
|
int take = -1;
|
||||||
|
jv_test();
|
||||||
|
@@ -28,18 +29,24 @@ int jq_testsuite(jv libdirs, int verbose
|
||||||
|
take = atoi(argv[i+1]);
|
||||||
|
i++;
|
||||||
|
} else {
|
||||||
|
- testdata = fopen(argv[i], "r");
|
||||||
|
- if (!testdata) {
|
||||||
|
- perror("fopen");
|
||||||
|
- exit(1);
|
||||||
|
- }
|
||||||
|
+ testdata_filename = argv[i];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
+ if (testdata_filename) {
|
||||||
|
+ testdata = fopen(testdata_filename, "r");
|
||||||
|
+ if (!testdata) {
|
||||||
|
+ perror("fopen");
|
||||||
|
+ exit(1);
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
run_jq_tests(libdirs, verbose, testdata, skip, take);
|
||||||
|
#ifdef HAVE_PTHREAD
|
||||||
|
run_jq_pthread_tests();
|
||||||
|
#endif
|
||||||
|
+ if (testdata_filename) {
|
||||||
|
+ fclose(testdata);
|
||||||
|
+ }
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -up jq-1.6/src/locfile.c.orig jq-1.6/src/locfile.c
|
||||||
|
--- jq-1.6/src/locfile.c.orig 2018-11-02 02:49:29.000000000 +0100
|
||||||
|
+++ jq-1.6/src/locfile.c 2024-05-03 11:15:46.562476303 +0200
|
||||||
|
@@ -72,6 +72,7 @@ void locfile_locate(struct locfile* l, l
|
||||||
|
}
|
||||||
|
|
||||||
|
jv m1 = jv_string_vfmt(fmt, fmtargs);
|
||||||
|
+ va_end(fmtargs);
|
||||||
|
if (!jv_is_valid(m1)) {
|
||||||
|
jq_report_error(l->jq, m1);
|
||||||
|
return;
|
7
jq.spec
7
jq.spec
@ -1,6 +1,6 @@
|
|||||||
Name: jq
|
Name: jq
|
||||||
Version: 1.6
|
Version: 1.6
|
||||||
Release: 16%{?dist}
|
Release: 17%{?dist}
|
||||||
Summary: Command-line JSON processor
|
Summary: Command-line JSON processor
|
||||||
|
|
||||||
License: MIT and ASL 2.0 and CC-BY and GPLv3
|
License: MIT and ASL 2.0 and CC-BY and GPLv3
|
||||||
@ -12,6 +12,7 @@ Patch1: 0001-iterration-problem-for-non-decimal-string.patch
|
|||||||
Patch2: 0002-add-mantest.patch
|
Patch2: 0002-add-mantest.patch
|
||||||
Patch3: 0003-fix-pthread-segfault.patch
|
Patch3: 0003-fix-pthread-segfault.patch
|
||||||
Patch4: 0004-make-jq-fast.patch
|
Patch4: 0004-make-jq-fast.patch
|
||||||
|
Patch5: 0005-sast.patch
|
||||||
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: flex
|
BuildRequires: flex
|
||||||
@ -102,6 +103,10 @@ make check
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri May 3 2024 Tomas Halman <thalman@redhat.com> - 1.6-17
|
||||||
|
- Fix SAST findings in jq 1.6
|
||||||
|
- Resolves: RHEL-28653
|
||||||
|
|
||||||
* Fri Oct 13 2023 Tomas Halman <thalman@redhat.com> - 1.6-16
|
* Fri Oct 13 2023 Tomas Halman <thalman@redhat.com> - 1.6-16
|
||||||
- Make jq 1.6 fast
|
- Make jq 1.6 fast
|
||||||
- Resolves: RHEL-13431
|
- Resolves: RHEL-13431
|
||||||
|
Loading…
Reference in New Issue
Block a user