mirror of
https://https.git.savannah.gnu.org/git/guix.git/
synced 2025-07-12 10:00:46 +02:00
788e3b87a7
* gnu/packages/patches/yajl-CVE-2023-33460.patch: Add file. * gnu/local.mk: Record patch. * gnu/packages/web.scm (yajl)[source]: Record patch. Signed-off-by: Zheng Junjie <z572@z572.online>
38 lines
1.2 KiB
Diff
38 lines
1.2 KiB
Diff
Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
|
|
See https://github.com/lloyd/yajl/issues/250#issuecomment-1628695214
|
|
|
|
Origin: https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
|
|
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039984
|
|
Bug: https://github.com/lloyd/yajl/issues/250
|
|
---
|
|
src/yajl_tree.c | 9 ++++++++-
|
|
1 file changed, 8 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/src/yajl_tree.c b/src/yajl_tree.c
|
|
index 3d357a32..56c7012f 100644
|
|
--- a/src/yajl_tree.c
|
|
+++ b/src/yajl_tree.c
|
|
@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx)
|
|
ctx->stack = stack->next;
|
|
|
|
v = stack->value;
|
|
-
|
|
+ free (stack->key);
|
|
free (stack);
|
|
|
|
return (v);
|
|
@@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input,
|
|
snprintf(error_buffer, error_buffer_size, "%s", internal_err_str);
|
|
YA_FREE(&(handle->alloc), internal_err_str);
|
|
}
|
|
+ while(ctx.stack != NULL) {
|
|
+ yajl_val v = context_pop(&ctx);
|
|
+ yajl_tree_free(v);
|
|
+ }
|
|
yajl_free (handle);
|
|
+ //If the requested memory is not released in time, it will cause memory leakage
|
|
+ if(ctx.root)
|
|
+ yajl_tree_free(ctx.root);
|
|
return NULL;
|
|
}
|
|
|