forked from pool/python-orjson
Compare commits
9 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 00f03220b9 | |||
| 3346e0e69c | |||
| 829877aa3d | |||
| edeac2ad8b | |||
| 20568c0341 | |||
| 0e46bef571 | |||
| 93c1023f65 | |||
| 719bbc61f2 | |||
| 47844c6657 |
45
CVE-2025-67221.patch
Normal file
45
CVE-2025-67221.patch
Normal file
@@ -0,0 +1,45 @@
|
||||
From e959d90ac722022b781b19f86e6ea9adaba8e383 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Garcia Moreno <dani@danigm.net>
|
||||
Date: Fri, 23 Jan 2026 20:22:23 +0100
|
||||
Subject: [PATCH] formatter: reserve_minimum in end_ methods
|
||||
|
||||
In highly nested json objects it's possible to have a lot of consecutive
|
||||
closing characters that are added by end_array and end_object. These
|
||||
methods adds one byte without checking the buffer capacity, so it's
|
||||
possible to try to write when there's no capacity.
|
||||
|
||||
This patch makes sure that the buffer has at least minimum space before
|
||||
writing.
|
||||
|
||||
This is the upstream commit that removes this check: c369ea44820e2e0798f17f99a0dff65bec2186a9
|
||||
```
|
||||
$ git log -p c369ea44820e2e0798f17f99a0dff65bec2186a9 -- src/serialize/writer/formatter.rs
|
||||
```
|
||||
|
||||
Fix https://github.com/ijl/orjson/issues/636
|
||||
---
|
||||
src/serialize/writer/formatter.rs | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: orjson-3.10.15/src/serialize/writer/formatter.rs
|
||||
===================================================================
|
||||
--- orjson-3.10.15.orig/src/serialize/writer/formatter.rs
|
||||
+++ orjson-3.10.15/src/serialize/writer/formatter.rs
|
||||
@@ -202,7 +202,7 @@ pub trait Formatter {
|
||||
where
|
||||
W: ?Sized + io::Write + WriteExt,
|
||||
{
|
||||
- debug_assert_has_capacity!(writer);
|
||||
+ reserve_minimum!(writer);
|
||||
unsafe { writer.write_reserved_punctuation(b']').unwrap() };
|
||||
Ok(())
|
||||
}
|
||||
@@ -244,7 +244,7 @@ pub trait Formatter {
|
||||
where
|
||||
W: ?Sized + io::Write + WriteExt,
|
||||
{
|
||||
- debug_assert_has_capacity!(writer);
|
||||
+ reserve_minimum!(writer);
|
||||
unsafe {
|
||||
writer.write_reserved_punctuation(b'}').unwrap();
|
||||
}
|
||||
@@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 26 08:53:23 UTC 2026 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
- Add CVE-2025-67221.patch to fix write outsize of allocated memory
|
||||
on json dump (bsc#1257121, gh#ijl/orjson#637)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 7 12:53:21 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
|
||||
@@ -29,6 +29,8 @@ Source1: vendor.tar.xz
|
||||
Source2: https://files.pythonhosted.org/packages/source/o/orjson/orjson-%{version}.tar.gz
|
||||
Source3: devendor-sdist.sh
|
||||
Source4: PACKAGING_README.md
|
||||
# PATCH-FIX-OPENSUSE CVE-2025-67221.patch gh#ijl/orjson#637
|
||||
Patch0: CVE-2025-67221.patch
|
||||
BuildRequires: %{python_module base >= 3.8}
|
||||
BuildRequires: %{python_module maturin >= 1}
|
||||
BuildRequires: %{python_module pip}
|
||||
@@ -53,7 +55,7 @@ orjson is a fast JSON library for Python.
|
||||
It benchmarks as the fastest Python library for JSON.
|
||||
|
||||
%prep
|
||||
%autosetup -a1 -n orjson-%{version}
|
||||
%autosetup -p1 -a1 -n orjson-%{version}
|
||||
|
||||
%build
|
||||
%pyproject_wheel
|
||||
|
||||
Reference in New Issue
Block a user