diff --git a/0007-yajl-fix-memory-leak-problem.patch b/0007-yajl-fix-memory-leak-problem.patch new file mode 100644 index 0000000..0a6be95 --- /dev/null +++ b/0007-yajl-fix-memory-leak-problem.patch @@ -0,0 +1,41 @@ +From c4304a2c04a1b392eb1464a9da892a9e0dff7683 Mon Sep 17 00:00:00 2001 +From: wujing +Date: Thu, 14 Feb 2019 03:12:30 +0800 +Subject: [PATCH 7/8] yajl: fix memory leak problem + +reason: fix memory leak problem +(cherry picked from commit 3d65cb0c6db4d433e5e42ee7d91d8a04e21337cf + in https://github.com/openEuler-BaseService) + +Fixes: https://github.com/lloyd/yajl/issues/250 (CVE-2023-33460) +--- + src/yajl_tree.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/yajl_tree.c b/src/yajl_tree.c +index 3d357a3..4b3cf2b 100644 +--- a/src/yajl_tree.c ++++ b/src/yajl_tree.c +@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx) + ctx->stack = stack->next; + + v = stack->value; +- ++ free (stack->key); + free (stack); + + return (v); +@@ -444,6 +444,10 @@ yajl_val yajl_tree_parse (const char *input, + snprintf(error_buffer, error_buffer_size, "%s", internal_err_str); + YA_FREE(&(handle->alloc), internal_err_str); + } ++ while(ctx.stack != NULL) { ++ yajl_val v = context_pop(&ctx); ++ yajl_tree_free(v); ++ } + yajl_free (handle); + return NULL; + } +-- +2.41.0 + diff --git a/0008-fix-memory-leaks.patch b/0008-fix-memory-leaks.patch new file mode 100644 index 0000000..cc8e5f7 --- /dev/null +++ b/0008-fix-memory-leaks.patch @@ -0,0 +1,30 @@ +From 9cb871049261eeda844b8943d15580763a0ac3d3 Mon Sep 17 00:00:00 2001 +From: "zhang.jiujiu" <282627424@qq.com> +Date: Tue, 7 Dec 2021 22:37:02 +0800 +Subject: [PATCH 8/8] fix memory leaks + +(cherry picked from commit 23a122eddaa28165a6c219000adcc31ff9a8a698 + in https://github.com/openEuler-BaseService) + +Fixes: https://github.com/lloyd/yajl/issues/250 (CVE-2023-33460) +--- + src/yajl_tree.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/yajl_tree.c b/src/yajl_tree.c +index 4b3cf2b..56c7012 100644 +--- a/src/yajl_tree.c ++++ b/src/yajl_tree.c +@@ -449,6 +449,9 @@ yajl_val yajl_tree_parse (const char *input, + yajl_tree_free(v); + } + yajl_free (handle); ++ //If the requested memory is not released in time, it will cause memory leakage ++ if(ctx.root) ++ yajl_tree_free(ctx.root); + return NULL; + } + +-- +2.41.0 + diff --git a/yajl.spec b/yajl.spec index 72e4232..11c3c19 100644 --- a/yajl.spec +++ b/yajl.spec @@ -27,6 +27,8 @@ Patch: 0003-fix-patch-to-test-files-to-take-account-of-vpath.patch Patch: 0004-drop-bogus-_s-suffix-from-yajl-dynamic-library.patch Patch: 0005-Fix-for-CVE-2017-16516.patch Patch: 0006-Fix-CVE-2022-24795.patch +Patch: 0007-yajl-fix-memory-leak-problem.patch +Patch: 0008-fix-memory-leaks.patch BuildRequires: gcc BuildRequires: cmake @@ -99,6 +101,7 @@ cd test - Switch to using git for managing patches - Fix potential buffer overread (CVE-2017-16516) - Fix integer overflow leading to heap corruption (CVE-2022-24795) +- Fix multiple memory leaks (CVE-2023-33460) * Sat Jan 21 2023 Fedora Release Engineering - 2.1.0-20 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild