Adam Majer
35cfce9e69
Fix for CVE-2023-33460, bsc#1212928 OBS-URL: https://build.opensuse.org/request/show/1097635 OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libyajl?expand=0&rev=42
28 lines
844 B
Diff
28 lines
844 B
Diff
From c5597ea8483116d4f4cd104b8c3d641e4d4385fa Mon Sep 17 00:00:00 2001
|
|
From: Jim Fehlig <jfehlig@suse.com>
|
|
Date: Fri, 7 Jul 2023 15:21:21 -0600
|
|
Subject: [PATCH] Fix for CVE-2023-33460
|
|
|
|
Fix memory leak in yajl_tree_parse function
|
|
---
|
|
src/yajl_tree.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
Index: yajl-2.1.0/src/yajl_tree.c
|
|
===================================================================
|
|
--- yajl-2.1.0.orig/src/yajl_tree.c
|
|
+++ yajl-2.1.0/src/yajl_tree.c
|
|
@@ -445,6 +445,12 @@ yajl_val yajl_tree_parse (const char *in
|
|
YA_FREE(&(handle->alloc), internal_err_str);
|
|
}
|
|
yajl_free (handle);
|
|
+ /*
|
|
+ * If the requested memory is not released in time, it will cause
|
|
+ * memory leakage
|
|
+ */
|
|
+ if(ctx.root)
|
|
+ yajl_tree_free(ctx.root);
|
|
return NULL;
|
|
}
|
|
|