From b73b6e1f2105949e5cb29b343446cb514783c2d0 Mon Sep 17 00:00:00 2001
From: sun_haii_10 <sunhai10@huawei.com>
Date: Sat, 15 Mar 2025 16:56:05 +0800
Subject: [PATCH] backport patches

(cherry picked from commit b52f3ed3c2833d8ed9f9dee12264ebcd2551bb3c)
---
 ...t-error-json_tokener_error_memory-in.patch | 28 +++++++++++
 ...NULL-gracefully-in-json_tokener_free.patch | 32 ++++++++++++
 ...-yet-another-out-of-memory-condition.patch | 31 ++++++++++++
 ...few-places-where-json_tokener-should.patch | 49 +++++++++++++++++++
 ...allow-json_tokener_new_ex-with-a-dep.patch | 40 +++++++++++++++
 json-c.spec                                   | 16 +++++-
 6 files changed, 195 insertions(+), 1 deletion(-)
 create mode 100644 backport-Fix-issue-854-Set-error-json_tokener_error_memory-in.patch
 create mode 100644 backport-Handle-NULL-gracefully-in-json_tokener_free.patch
 create mode 100644 backport-Handle-yet-another-out-of-memory-condition.patch
 create mode 100644 backport-Issue-857-fix-a-few-places-where-json_tokener-should.patch
 create mode 100644 backport-Issue-881-don-t-allow-json_tokener_new_ex-with-a-dep.patch

diff --git a/backport-Fix-issue-854-Set-error-json_tokener_error_memory-in.patch b/backport-Fix-issue-854-Set-error-json_tokener_error_memory-in.patch
new file mode 100644
index 0000000..34cd5ac
--- /dev/null
+++ b/backport-Fix-issue-854-Set-error-json_tokener_error_memory-in.patch
@@ -0,0 +1,28 @@
+From e93ae70417867dac9ff87614f3e7bc50e79ef951 Mon Sep 17 00:00:00 2001
+From: Eric Hawicz <erh+git@nimenees.com>
+Date: Fri, 29 Mar 2024 18:09:12 -0400
+Subject: [PATCH] Fix issue #854: Set error=json_tokener_error_memory in
+ json_tokener_parser_verbose() when allocating the tokener fails.
+
+---
+ json_tokener.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/json_tokener.c b/json_tokener.c
+index 9926563..e8244a3 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -226,7 +226,10 @@ struct json_object *json_tokener_parse_verbose(const char *str, enum json_tokene
+ 
+ 	tok = json_tokener_new();
+ 	if (!tok)
++	{
++		*error = json_tokener_error_memory;
+ 		return NULL;
++	}
+ 	obj = json_tokener_parse_ex(tok, str, -1);
+ 	*error = tok->err;
+ 	if (tok->err != json_tokener_success
+-- 
+2.35.1.windows.2
+
diff --git a/backport-Handle-NULL-gracefully-in-json_tokener_free.patch b/backport-Handle-NULL-gracefully-in-json_tokener_free.patch
new file mode 100644
index 0000000..f45a94d
--- /dev/null
+++ b/backport-Handle-NULL-gracefully-in-json_tokener_free.patch
@@ -0,0 +1,32 @@
+From 828c12b22661de53d6497bd1410c68cb153b4f35 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Wed, 6 Nov 2024 15:19:04 +0100
+Subject: [PATCH] Handle NULL gracefully in json_tokener_free
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Similarly to glibc's free, make json_tokener_free(NULL)
+a no-op, to simplify cleanup paths.
+
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+---
+ json_tokener.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/json_tokener.c b/json_tokener.c
+index c831f8a..4453c89 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -182,6 +182,8 @@ struct json_tokener *json_tokener_new(void)
+ 
+ void json_tokener_free(struct json_tokener *tok)
+ {
++	if (!tok)
++		return;
+ 	json_tokener_reset(tok);
+ 	if (tok->pb)
+ 		printbuf_free(tok->pb);
+-- 
+2.35.1.windows.2
+
diff --git a/backport-Handle-yet-another-out-of-memory-condition.patch b/backport-Handle-yet-another-out-of-memory-condition.patch
new file mode 100644
index 0000000..b8faa37
--- /dev/null
+++ b/backport-Handle-yet-another-out-of-memory-condition.patch
@@ -0,0 +1,31 @@
+From 833233faa8d6835276ebbd48b92c7feeb141270d Mon Sep 17 00:00:00 2001
+From: Bruno Haible <bruno@clisp.org>
+Date: Mon, 22 Apr 2024 01:50:59 +0200
+Subject: [PATCH] Handle yet another out-of-memory condition.
+
+duplocale() can return NULL, with errno set to ENOMEM.
+In this case, bail out and set the current error code to
+json_tokener_error_memory.
+---
+ json_tokener.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/json_tokener.c b/json_tokener.c
+index cc35527..0a86d82 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -341,6 +341,11 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
+ #ifdef HAVE_USELOCALE
+ 	{
+ 		locale_t duploc = duplocale(oldlocale);
++		if (duploc == NULL && errno == ENOMEM)
++		{
++			tok->err = json_tokener_error_memory;
++			return NULL;
++		}
+ 		newloc = newlocale(LC_NUMERIC_MASK, "C", duploc);
+ 		if (newloc == NULL)
+ 		{
+-- 
+2.35.1.windows.2
+
diff --git a/backport-Issue-857-fix-a-few-places-where-json_tokener-should.patch b/backport-Issue-857-fix-a-few-places-where-json_tokener-should.patch
new file mode 100644
index 0000000..afaf31d
--- /dev/null
+++ b/backport-Issue-857-fix-a-few-places-where-json_tokener-should.patch
@@ -0,0 +1,49 @@
+From 31a22fb2dabae30a759ae3346b493b44cedf1647 Mon Sep 17 00:00:00 2001
+From: Eric Hawicz <erh+git@nimenees.com>
+Date: Sun, 21 Apr 2024 10:37:16 -0400
+Subject: [PATCH] Issue #857: fix a few places where json_tokener should have
+ been returning json_tokener_error_memory but wasn't.
+
+---
+ json_tokener.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/json_tokener.c b/json_tokener.c
+index e8244a3..cc35527 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -344,6 +344,7 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
+ 		newloc = newlocale(LC_NUMERIC_MASK, "C", duploc);
+ 		if (newloc == NULL)
+ 		{
++			tok->err = json_tokener_error_memory;
+ 			freelocale(duploc);
+ 			return NULL;
+ 		}
+@@ -362,7 +363,10 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
+ 		{
+ 			oldlocale = strdup(tmplocale);
+ 			if (oldlocale == NULL)
++			{
++				tok->err = json_tokener_error_memory;
+ 				return NULL;
++			}
+ 		}
+ 		setlocale(LC_NUMERIC, "C");
+ 	}
+@@ -1257,7 +1261,11 @@ struct json_object *json_tokener_parse_ex(struct json_tokener *tok, const char *
+ 			goto redo_char;
+ 
+ 		case json_tokener_state_object_value_add:
+-			json_object_object_add(current, obj_field_name, obj);
++			if (json_object_object_add(current, obj_field_name, obj) != 0)
++			{
++				tok->err = json_tokener_error_memory;
++				goto out;
++			}
+ 			free(obj_field_name);
+ 			obj_field_name = NULL;
+ 			saved_state = json_tokener_state_object_sep;
+-- 
+2.35.1.windows.2
+
diff --git a/backport-Issue-881-don-t-allow-json_tokener_new_ex-with-a-dep.patch b/backport-Issue-881-don-t-allow-json_tokener_new_ex-with-a-dep.patch
new file mode 100644
index 0000000..09ab7fe
--- /dev/null
+++ b/backport-Issue-881-don-t-allow-json_tokener_new_ex-with-a-dep.patch
@@ -0,0 +1,40 @@
+From ff8ed0f094ddb48edad8169b711097f69fe8efea Mon Sep 17 00:00:00 2001
+From: Eric Hawicz <erh+git@nimenees.com>
+Date: Sun, 17 Nov 2024 22:11:24 -0500
+Subject: [PATCH] Issue #881: don't allow json_tokener_new_ex() with a depth <
+ 1
+
+---
+ json_tokener.c | 3 +++
+ json_tokener.h | 1 +
+ 2 files changed, 4 insertions(+)
+
+diff --git a/json_tokener.c b/json_tokener.c
+index 773229e..1954bcd 100644
+--- a/json_tokener.c
++++ b/json_tokener.c
+@@ -154,6 +154,9 @@ struct json_tokener *json_tokener_new_ex(int depth)
+ {
+ 	struct json_tokener *tok;
+ 
++	if (depth < 1)
++		return NULL;
++
+ 	tok = (struct json_tokener *)calloc(1, sizeof(struct json_tokener));
+ 	if (!tok)
+ 		return NULL;
+diff --git a/json_tokener.h b/json_tokener.h
+index 54925e5..f53a761 100644
+--- a/json_tokener.h
++++ b/json_tokener.h
+@@ -206,6 +206,7 @@ JSON_EXPORT struct json_tokener *json_tokener_new(void);
+ 
+ /**
+  * Allocate a new json_tokener with a custom max nesting depth.
++ * The depth must be at least 1.
+  * @see JSON_TOKENER_DEFAULT_DEPTH
+  */
+ JSON_EXPORT struct json_tokener *json_tokener_new_ex(int depth);
+-- 
+2.35.1.windows.2
+
diff --git a/json-c.spec b/json-c.spec
index 10f6e69..d504448 100644
--- a/json-c.spec
+++ b/json-c.spec
@@ -6,7 +6,7 @@
 
 Name:           json-c
 Version:        0.16
-Release:        4
+Release:        5
 Summary:        JSON implementation in C
 
 License:        MIT
@@ -23,6 +23,13 @@ Patch6004:      backport-Explicitly-check-for-integer-overflow-when-parsing.patc
 Patch6005:      backport-Fix-build-with-clang-15.patch
 Patch6006:      backport-json_tokener_parse_ex-handle-out-of-memory-errors.patch
 
+Patch6007:      backport-Handle-yet-another-out-of-memory-condition.patch
+Patch6008:      backport-Fix-issue-854-Set-error-json_tokener_error_memory-in.patch
+Patch6009:      backport-Issue-857-fix-a-few-places-where-json_tokener-should.patch
+Patch6010:      backport-Handle-NULL-gracefully-in-json_tokener_free.patch
+Patch6011:      backport-Issue-881-don-t-allow-json_tokener_new_ex-with-a-dep.patch
+
+
 %description
 JSON-C implements a reference counting object model that allows you
 to easily construct JSON objects in C, output them as JSON formatted
@@ -109,6 +116,13 @@ end
 %doc %{_pkgdocdir}
 
 %changelog
+* Sat Mar 15 2025 sunhai <sunhai10@huawei.com> - 0.16-5
+- Handle yet another out of memory condition
+- Fix issue 854 Set error json_tokener_error_memory in
+- Issue 857 fix a few places where json_tokener should
+- Handle NULL gracefully in json_tokener_free
+- Issue 881 don t allow json_tokener_new_ex with a dep
+
 * Mon Sep 04 2023 sunhai <sunhai10@huawei.com> - 0.16-4
 - backport patch to Fix build with clang-15+
 - backport patch to Fix json_tokener_parse_ex: handle out of memory errors
-- 
Gitee