1*ac13d5f3SPatrick WilliamsFix memory leaks. Taken from the Fedora packaging (https://src.fedoraproject.org/rpms/yajl) 2*ac13d5f3SPatrick Williamswhere it was backported from openEuler. 3*ac13d5f3SPatrick Williams 4*ac13d5f3SPatrick WilliamsCVE: CVE-2023-33460 5*ac13d5f3SPatrick WilliamsUpstream-Status: Submitted [https://github.com/lloyd/yajl/issues/250] 6*ac13d5f3SPatrick WilliamsSigned-off-by: Ross Burton <ross.burton@arm.com> 7*ac13d5f3SPatrick Williams 8*ac13d5f3SPatrick Williamsdiff --git a/src/yajl_tree.c b/src/yajl_tree.c 9*ac13d5f3SPatrick Williamsindex 3d357a3..56c7012 100644 10*ac13d5f3SPatrick Williams--- a/src/yajl_tree.c 11*ac13d5f3SPatrick Williams+++ b/src/yajl_tree.c 12*ac13d5f3SPatrick Williams@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx) 13*ac13d5f3SPatrick Williams ctx->stack = stack->next; 14*ac13d5f3SPatrick Williams 15*ac13d5f3SPatrick Williams v = stack->value; 16*ac13d5f3SPatrick Williams- 17*ac13d5f3SPatrick Williams+ free (stack->key); 18*ac13d5f3SPatrick Williams free (stack); 19*ac13d5f3SPatrick Williams 20*ac13d5f3SPatrick Williams return (v); 21*ac13d5f3SPatrick Williams@@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input, 22*ac13d5f3SPatrick Williams snprintf(error_buffer, error_buffer_size, "%s", internal_err_str); 23*ac13d5f3SPatrick Williams YA_FREE(&(handle->alloc), internal_err_str); 24*ac13d5f3SPatrick Williams } 25*ac13d5f3SPatrick Williams+ while(ctx.stack != NULL) { 26*ac13d5f3SPatrick Williams+ yajl_val v = context_pop(&ctx); 27*ac13d5f3SPatrick Williams+ yajl_tree_free(v); 28*ac13d5f3SPatrick Williams+ } 29*ac13d5f3SPatrick Williams yajl_free (handle); 30*ac13d5f3SPatrick Williams+ //If the requested memory is not released in time, it will cause memory leakage 31*ac13d5f3SPatrick Williams+ if(ctx.root) 32*ac13d5f3SPatrick Williams+ yajl_tree_free(ctx.root); 33*ac13d5f3SPatrick Williams return NULL; 34*ac13d5f3SPatrick Williams } 35*ac13d5f3SPatrick Williams 36