1Fix memory leaks. Taken from the Fedora packaging (https://src.fedoraproject.org/rpms/yajl) 2where it was backported from openEuler. 3 4CVE: CVE-2023-33460 5Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/250] 6Signed-off-by: Ross Burton <ross.burton@arm.com> 7 8diff --git a/src/yajl_tree.c b/src/yajl_tree.c 9index 3d357a3..56c7012 100644 10--- a/src/yajl_tree.c 11+++ b/src/yajl_tree.c 12@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx) 13 ctx->stack = stack->next; 14 15 v = stack->value; 16- 17+ free (stack->key); 18 free (stack); 19 20 return (v); 21@@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input, 22 snprintf(error_buffer, error_buffer_size, "%s", internal_err_str); 23 YA_FREE(&(handle->alloc), internal_err_str); 24 } 25+ while(ctx.stack != NULL) { 26+ yajl_val v = context_pop(&ctx); 27+ yajl_tree_free(v); 28+ } 29 yajl_free (handle); 30+ //If the requested memory is not released in time, it will cause memory leakage 31+ if(ctx.root) 32+ yajl_tree_free(ctx.root); 33 return NULL; 34 } 35 36