| Fix memory leaks. Taken from the Fedora packaging (https://src.fedoraproject.org/rpms/yajl) |
| where it was backported from openEuler. |
| |
| CVE: CVE-2023-33460 |
| Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/250] |
| Signed-off-by: Ross Burton <ross.burton@arm.com> |
| |
| diff --git a/src/yajl_tree.c b/src/yajl_tree.c |
| index 3d357a3..56c7012 100644 |
| --- a/src/yajl_tree.c |
| +++ b/src/yajl_tree.c |
| @@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx) |
| ctx->stack = stack->next; |
| |
| v = stack->value; |
| - |
| + free (stack->key); |
| free (stack); |
| |
| return (v); |
| @@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input, |
| snprintf(error_buffer, error_buffer_size, "%s", internal_err_str); |
| YA_FREE(&(handle->alloc), internal_err_str); |
| } |
| + while(ctx.stack != NULL) { |
| + yajl_val v = context_pop(&ctx); |
| + yajl_tree_free(v); |
| + } |
| yajl_free (handle); |
| + //If the requested memory is not released in time, it will cause memory leakage |
| + if(ctx.root) |
| + yajl_tree_free(ctx.root); |
| return NULL; |
| } |
| |