packages/libyaml
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!26 [sync] PR-24: Fix heap buffer overflow error in yaml_emitter_emit_flow_sequence_item function

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @ziyangc 
Signed-off-by: @ziyangc
This commit is contained in:
openeuler-ci-bot 2022-11-22 13:19:56 +00:00 committed by Gitee
commit f05093f9aa
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 37 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch Normal file
View File

@ -0,0 +1,32 @@
From cbd860b8e62ec0dc85d4d76a9a8900a3db9c740c Mon Sep 17 00:00:00 2001
From: chenziyang <chenziyang4@huawei.com>
Date: Tue, 8 Nov 2022 11:15:36 +0800
Subject: [PATCH] Fix heap buffer overflow error in
yaml_emitter_emit_flow_sequence_item function
---
src/emitter.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/emitter.c b/src/emitter.c
index 609b28a..336bfd1 100644
--- a/src/emitter.c
+++ b/src/emitter.c
@@ -758,7 +758,13 @@ yaml_emitter_emit_flow_sequence_item(yaml_emitter_t *emitter,
if (event->type == YAML_SEQUENCE_END_EVENT)
{
emitter->flow_level --;
- emitter->indent = POP(emitter, emitter->indents);
+ if (!STACK_EMPTY(emitter, emitter->indents)) {
+ emitter->indent = POP(emitter, emitter->indents);
+ }
+ else {
+ emitter->indent = 0; // set to default
+ }
+
if (emitter->canonical && !first) {
if (!yaml_emitter_write_indicator(emitter, ",", 0, 0, 0))
return 0;
--
2.21.0.windows.1

6
libyaml.spec
View File

@ -1,12 +1,13 @@
Name: libyaml
Version: 0.2.5
Release: 3
Release: 4
Summary: A C library for parsing and emitting YAML
License: MIT
URL: http://pyyaml.org/
Source0: http://pyyaml.org/download/libyaml/yaml-%{version}.tar.gz
Patch0: fix-heap-buffer-overflow-in-yaml_emitter_emit_flow_m.patch
Patch1: fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch
BuildRequires: gcc
@ -69,6 +70,9 @@ make check
%changelog
* Fri Nov 18 2022 chenziyang <chenziyang4@huawei.com> - 0.2.5-4
- Fix heap buffer overflow in yaml_emitter_emit_flow_sequence_item
* Mon Apr 18 2022 panxiaohe <panxh.life@foxmail.com> - 0.2.5-3
- fix heap buffer overflow in yaml_emitter_emit_flow_mapping_key