packages/json-c
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!25 [sync] PR-24: add backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @overweight 
Signed-off-by: @overweight
This commit is contained in:
openeuler-ci-bot 2022-05-30 09:15:06 +00:00 committed by Gitee
commit 6633b11579
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 54 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch Normal file
View File

@ -0,0 +1,48 @@
From 296db618e9d1862aea788e90e751b4999db41a2a Mon Sep 17 00:00:00 2001
From: Even Rouault <even.rouault@spatialys.com>
Date: Wed, 12 Jan 2022 23:43:03 +0100
Subject: [PATCH] json_escape_str(): avoid harmless unsigned integer overflow
Current behaviour is perfectly valid, since wrap-over upon overflow is
well defined behaviour for unsigned types, but it is nevertheless nice to be
able to build with -fsanitize=undefined,unsigned-integer-overflow
There is no significant effect on the generated assembly as can be seen
on the diff of objdump -d output on a optimized build (the compiler
just decided to switch the order of a comparison):
@@ -135,8 +135,8 @@
1d0: 0f 84 70 ff ff ff je 146 <json_escape_str+0x146>
1d6: 4c 3b 24 24 cmp (%rsp),%r12
1da: 0f 85 2d ff ff ff jne 10d <json_escape_str+0x10d>
- 1e0: 49 39 f4 cmp %rsi,%r12
- 1e3: 0f 87 b7 00 00 00 ja 2a0 <json_escape_str+0x2a0>
+ 1e0: 4c 39 e6 cmp %r12,%rsi
+ 1e3: 0f 82 b7 00 00 00 jb 2a0 <json_escape_str+0x2a0>
1e9: 48 8b 44 24 18 mov 0x18(%rsp),%rax
1ee: 64 48 33 04 25 28 00 xor %fs:0x28,%rax
1f5: 00 00
Conflict:NA
Reference:https://github.com/json-c/json-c/commit/296db618e9d1862aea788e90e751b4999db41a2a
---
json_object.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/json_object.c b/json_object.c
index 9198257..3216941 100644
--- a/json_object.c
+++ b/json_object.c
@@ -216,8 +216,9 @@ static int json_escape_str(struct printbuf *pb, const char *str, size_t len, int
{
int pos = 0, start_offset = 0;
unsigned char c;
- while (len--)
+ while (len)
{
+ --len;
c = str[pos];
switch (c)
{
--
2.27.0

7
json-c.spec
View File

@ -6,7 +6,7 @@
Name: json-c Name: json-c
Version: 0.15 Version: 0.15
Release: 1 Release: 2
Summary: JSON implementation in C Summary: JSON implementation in C
License: MIT License: MIT
@ -15,6 +15,8 @@ Source0: %{url}/archive/%{name}-%{version}-%{reldate}.tar.gz
BuildRequires: cmake gcc ninja-build json-c BuildRequires: cmake gcc ninja-build json-c
Patch6000: backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
%description %description
JSON-C implements a reference counting object model that allows you JSON-C implements a reference counting object model that allows you
to easily construct JSON objects in C, output them as JSON formatted to easily construct JSON objects in C, output them as JSON formatted
@ -96,6 +98,9 @@ hardlink -cfv %{buildroot}%{_pkgdocdir}
%doc %{_pkgdocdir} %doc %{_pkgdocdir}
%changelog %changelog
* Mon May 9 2022 wuchaochao <cyanrose@yeah.net> - 0.15-2
- add backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
* Thu Aug 20 2020 jinzhimin <jinzhimin2@huawei.com> - 0.15-1 * Thu Aug 20 2020 jinzhimin <jinzhimin2@huawei.com> - 0.15-1
- update to 0.15 - update to 0.15