Compare commits
No commits in common. "imports/c9/yajl-2.1.0-20.el9" and "c8s" have entirely different histories.
imports/c9
...
c8s
|
@ -0,0 +1,54 @@
|
||||||
|
From 49923ccb2143e36850bcdeb781e2bcdf5ce22f15 Mon Sep 17 00:00:00 2001
|
||||||
|
From: John Hawthorn <john@hawthorn.email>
|
||||||
|
Date: Wed, 2 Mar 2022 14:17:59 -0800
|
||||||
|
Subject: [PATCH] Check need < buf->used
|
||||||
|
|
||||||
|
We're guaranteed a power of 2 so that this becomes 0, but we might as
|
||||||
|
well use a check for overflow that works in more cases.
|
||||||
|
|
||||||
|
Unsigned integer overflow is defined behaviour, so this should be safe.
|
||||||
|
|
||||||
|
(cherry picked from commit 36410d536b676e836637bb20574a56ebc920eb83)
|
||||||
|
---
|
||||||
|
src/yajl_buf.c | 9 +++++++--
|
||||||
|
1 file changed, 7 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/yajl_buf.c b/src/yajl_buf.c
|
||||||
|
index 1aeafde0..8bd1bea7 100644
|
||||||
|
--- a/src/yajl_buf.c
|
||||||
|
+++ b/src/yajl_buf.c
|
||||||
|
@@ -30,7 +30,7 @@ struct yajl_buf_t {
|
||||||
|
};
|
||||||
|
|
||||||
|
static
|
||||||
|
-void yajl_buf_ensure_available(yajl_buf buf, size_t want)
|
||||||
|
+int yajl_buf_ensure_available(yajl_buf buf, size_t want)
|
||||||
|
{
|
||||||
|
size_t need;
|
||||||
|
|
||||||
|
@@ -46,11 +46,15 @@ void yajl_buf_ensure_available(yajl_buf buf, size_t want)
|
||||||
|
need = buf->len;
|
||||||
|
|
||||||
|
while (want >= (need - buf->used)) need <<= 1;
|
||||||
|
+ if (need < buf->used) {
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
if (need != buf->len) {
|
||||||
|
buf->data = (unsigned char *) YA_REALLOC(buf->alloc, buf->data, need);
|
||||||
|
buf->len = need;
|
||||||
|
}
|
||||||
|
+ return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
yajl_buf yajl_buf_alloc(yajl_alloc_funcs * alloc)
|
||||||
|
@@ -70,7 +74,8 @@ void yajl_buf_free(yajl_buf buf)
|
||||||
|
|
||||||
|
void yajl_buf_append(yajl_buf buf, const void * data, size_t len)
|
||||||
|
{
|
||||||
|
- yajl_buf_ensure_available(buf, len);
|
||||||
|
+ if (yajl_buf_ensure_available(buf, len))
|
||||||
|
+ return;
|
||||||
|
if (len > 0) {
|
||||||
|
assert(data != NULL);
|
||||||
|
memcpy(buf->data + buf->used, data, len);
|
|
@ -3,7 +3,7 @@
|
||||||
|
|
||||||
Name: yajl
|
Name: yajl
|
||||||
Version: 2.1.0
|
Version: 2.1.0
|
||||||
Release: 20%{?dist}
|
Release: 11%{?dist}
|
||||||
Summary: Yet Another JSON Library (YAJL)
|
Summary: Yet Another JSON Library (YAJL)
|
||||||
|
|
||||||
License: ISC
|
License: ISC
|
||||||
|
@ -23,6 +23,7 @@ Patch1: %{name}-%{version}-pkgconfig-location.patch
|
||||||
Patch2: %{name}-%{version}-pkgconfig-includedir.patch
|
Patch2: %{name}-%{version}-pkgconfig-includedir.patch
|
||||||
Patch3: %{name}-%{version}-test-location.patch
|
Patch3: %{name}-%{version}-test-location.patch
|
||||||
Patch4: %{name}-%{version}-dynlink-binaries.patch
|
Patch4: %{name}-%{version}-dynlink-binaries.patch
|
||||||
|
Patch5: https://github.com/containers/yajl/commit/49923ccb2143e36850bcdeb781e2bcdf5ce22f15.patch
|
||||||
|
|
||||||
BuildRequires: gcc
|
BuildRequires: gcc
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
|
@ -50,6 +51,7 @@ necessary for developing against the YAJL library
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
# NB, we are not using upstream's 'configure'/'make'
|
# NB, we are not using upstream's 'configure'/'make'
|
||||||
|
@ -94,38 +96,9 @@ cd test
|
||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Fri Oct 01 2021 Jindrich Novy <jnovy@redhat.com> - 2.1.0-20
|
* Wed Apr 27 2022 Jindrich Novy <jnovy@redhat.com> - 2.1.0-11
|
||||||
- perform only sanity/installability tests for now
|
- fix CVE-2022-24795
|
||||||
- Related: #2000051
|
- Related: #2061390
|
||||||
|
|
||||||
* Wed Sep 29 2021 Jindrich Novy <jnovy@redhat.com> - 2.1.0-19
|
|
||||||
- add gating.yaml
|
|
||||||
- Related: #2000051
|
|
||||||
|
|
||||||
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 2.1.0-18
|
|
||||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
|
|
||||||
Related: rhbz#1991688
|
|
||||||
|
|
||||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.1.0-17
|
|
||||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
|
||||||
|
|
||||||
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-16
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
|
|
||||||
|
|
||||||
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-15
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
|
||||||
|
|
||||||
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-14
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
|
||||||
|
|
||||||
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-13
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
|
||||||
|
|
||||||
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-12
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
|
||||||
|
|
||||||
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-11
|
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
|
||||||
|
|
||||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-10
|
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.1.0-10
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
Loading…
Reference in New Issue