From: Rosen Penev
Date: Sun, 11 Feb 2024 22:27:25 +0000 (-0800)
Subject: yajl: backport CVE-2023-33460 fix
X-Git-Url: http://git.openwrt.org/?p=feed%2Fpackages.git;a=commitdiff_plain;h=c9ff829fdb046a774c25cf3ce3382979b795edfd
yajl: backport CVE-2023-33460 fix
Removed old uclibc patches. Not relevant with modern musl or glibc.
Signed-off-by: Rosen Penev
---
diff --git a/libs/yajl/Makefile b/libs/yajl/Makefile
index bb496786d3..fac9dcc31c 100644
--- a/libs/yajl/Makefile
+++ b/libs/yajl/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 PKG_NAME:=yajl
 PKG_VERSION:=2.1.0
-PKG_RELEASE:=2
+PKG_RELEASE:=3
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://github.com/lloyd/yajl
diff --git a/libs/yajl/patches/010-CVE-2023-33460.patch b/libs/yajl/patches/010-CVE-2023-33460.patch
new file mode 100644
index 0000000000..4edc1d3a67
--- /dev/null
+++ b/libs/yajl/patches/010-CVE-2023-33460.patch
@@ -0,0 +1,41 @@
+From 31531a6e6b5641398237ce15b7e62da02d975fc6 Mon Sep 17 00:00:00 2001
+From: Like Ma
+Date: Sat, 2 Dec 2023 19:55:55 +0800
+Subject: [PATCH] Fix for CVE-2023-33460a
+
+Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
+See https://github.com/lloyd/yajl/issues/250#issuecomment-1628695214
+
+Origin: https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039984
+Bug: https://github.com/lloyd/yajl/issues/250
+---
+ src/yajl_tree.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+--- a/src/yajl_tree.c
++++ b/src/yajl_tree.c
+@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *c
+ ctx->stack = stack->next;
+
+ v = stack->value;
+-
++ free (stack->key);
+ free (stack);
+
+ return (v);
+@@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *in
+ snprintf(error_buffer, error_buffer_size, "%s", internal_err_str);
+ YA_FREE(&(handle->alloc), internal_err_str);
+ }
++ while(ctx.stack != NULL) {
++ yajl_val v = context_pop(&ctx);
++ yajl_tree_free(v);
++ }
+ yajl_free (handle);
++ //If the requested memory is not released in time, it will cause memory leakage
++ if(ctx.root)
++ yajl_tree_free(ctx.root);
+ return NULL;
+ }
+
diff --git a/libs/yajl/patches/100-link-reformatter-uclibc-libm.patch b/libs/yajl/patches/100-link-reformatter-uclibc-libm.patch
deleted file mode 100644
index 21aa41f63c..0000000000
--- a/libs/yajl/patches/100-link-reformatter-uclibc-libm.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- a/reformatter/CMakeLists.txt
-+++ b/reformatter/CMakeLists.txt
-@@ -26,7 +26,7 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_
-
- ADD_EXECUTABLE(json_reformat ${SRCS})
-
--TARGET_LINK_LIBRARIES(json_reformat yajl_s)
-+TARGET_LINK_LIBRARIES(json_reformat yajl_s m)
-
- # In some environments, we must explicitly link libm (like qnx,
- # thanks @shahbag)
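Review bot: In the embedded `src/yajl_tree.c` change, the `free (stack->key);` added to `context_pop` is safe only if `stack->key` is reset to NULL whenever the key has been handed over to the object being built, and nothing in the hunk shows that; if any path leaves the pointer set, this leak fix becomes a double free. The code that assigns and consumes the key lies outside the hunk, so I would confirm it there and record the invariant beside the call, e.g. `/* non-NULL only when parsing stopped between an object key and its value */`. In the `yajl_tree_parse` error path the loop calls `yajl_tree_free(v)` unguarded while the root is wrapped in `if(ctx.root)`; presumably `yajl_tree_free` accepts NULL, in which case the guard can go, otherwise the loop needs the same check. The added `//If the requested memory is not released in time...` comment would be clearer as `/* error path: release the partially built tree */`. Both function bodies start and end outside the embedded hunks.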
diff --git a/libs/yajl/patches/101-link-perf-uclibc-libm.patch b/libs/yajl/patches/101-link-perf-uclibc-libm.patch
deleted file mode 100644
index 797c4a7daf..0000000000
--- a/libs/yajl/patches/101-link-perf-uclibc-libm.patch
+++ /dev/null
@@ -1,8 +0,0 @@
---- a/perf/CMakeLists.txt
-+++ b/perf/CMakeLists.txt
-@@ -20,4 +20,4 @@ LINK_DIRECTORIES(${CMAKE_CURRENT_BINARY_
-
- ADD_EXECUTABLE(perftest ${SRCS})
-
--TARGET_LINK_LIBRARIES(perftest yajl_s)
-+TARGET_LINK_LIBRARIES(perftest yajl_s m)