1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
Description: Fix for CVE-2023-33460a
Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
See https://github.com/lloyd/yajl/issues/250#issuecomment-1628695214
Origin: https://github.com/openEuler-BaseService/yajl/commit/23a122eddaa28165a6c219000adcc31ff9a8a698
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039984
Bug: https://github.com/lloyd/yajl/issues/250
src/yajl_tree.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
@@ -143,7 +143,7 @@
ctx->stack = stack->next;
v = stack->value;
-
+ free (stack->key);
free (stack);
return (v);
@@ -444,7 +444,14 @@
snprintf(error_buffer, error_buffer_size, "%s", internal_err_str);
YA_FREE(&(handle->alloc), internal_err_str);
}
+ while(ctx.stack != NULL) {
+ yajl_val v = context_pop(&ctx);
+ yajl_tree_free(v);
+ }
yajl_free (handle);
+ //If the requested memory is not released in time, it will cause memory leakage
+ if(ctx.root)
+ yajl_tree_free(ctx.root);
return NULL;
}
|
