Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package cJSON for openSUSE:Factory checked
in at 2021-08-27 21:44:03
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cJSON (Old)
and /work/SRC/openSUSE:Factory/.cJSON.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cJSON"
Fri Aug 27 21:44:03 2021 rev:3 rq:914589 version:1.7.15
Changes:
--------
--- /work/SRC/openSUSE:Factory/cJSON/cJSON.changes 2020-12-28
14:03:03.373397607 +0100
+++ /work/SRC/openSUSE:Factory/.cJSON.new.1899/cJSON.changes 2021-08-27
21:45:16.114066371 +0200
@@ -1,0 +2,9 @@
+Wed Aug 25 11:45:18 UTC 2021 - Martin Hauke <mar...@gmx.de>
+
+- Update to version 1.7.15
+ * Fix potential core dumped for strrchr.
+ * Fix null pointer crash in cJSON_CreateXxArray.
+ * Fix several null pointer problems on allocation failure.
+ * Fix a possible dereference of null pointer.
+
+-------------------------------------------------------------------
Old:
----
cJSON-1.7.14.tar.gz
New:
----
cJSON-1.7.15.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cJSON.spec ++++++
--- /var/tmp/diff_new_pack.mNNhF3/_old 2021-08-27 21:45:16.766067149 +0200
+++ /var/tmp/diff_new_pack.mNNhF3/_new 2021-08-27 21:45:16.770067153 +0200
@@ -1,8 +1,8 @@
#
# spec file for package cJSON
#
-# Copyright (c) 2020 SUSE LLC
-# Copyright (c) 2020, Martin Hauke <mar...@gmx.de>
+# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2020-2021, Martin Hauke <mar...@gmx.de>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
%global sover 1
%global libname libcjson%{sover}
Name: cJSON
-Version: 1.7.14
+Version: 1.7.15
Release: 0
Summary: JSON parser library written in ANSI C
License: MIT
++++++ cJSON-1.7.14.tar.gz -> cJSON-1.7.15.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/CHANGELOG.md
new/cJSON-1.7.15/CHANGELOG.md
--- old/cJSON-1.7.14/CHANGELOG.md 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/CHANGELOG.md 2021-08-25 13:15:09.000000000 +0200
@@ -1,3 +1,13 @@
+1.7.15 (Aug 25, 2021)
+======
+Fixes:
+------
+* Fix potential core dumped for strrchr, see
[#546](https://github.com/DaveGamble/cJSON/pull/546)
+* Fix null pointer crash in cJSON_CreateXxArray, see
[#538](https://github.com/DaveGamble/cJSON/pull/538)
+* Fix several null pointer problems on allocation failure, see
[#526](https://github.com/DaveGamble/cJSON/pull/526)
+* Fix a possible dereference of null pointer, see
[#519](https://github.com/DaveGamble/cJSON/pull/519)
+* Fix windows build failure about defining nan, see
[#518](https://github.com/DaveGamble/cJSON/pull/518)
+
1.7.14 (Sep 3, 2020)
======
Fixes:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/CMakeLists.txt
new/cJSON-1.7.15/CMakeLists.txt
--- old/cJSON-1.7.14/CMakeLists.txt 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/CMakeLists.txt 2021-08-25 13:15:09.000000000 +0200
@@ -7,7 +7,7 @@
set(PROJECT_VERSION_MAJOR 1)
set(PROJECT_VERSION_MINOR 7)
-set(PROJECT_VERSION_PATCH 14)
+set(PROJECT_VERSION_PATCH 15)
set(CJSON_VERSION_SO 1)
set(CJSON_UTILS_VERSION_SO 1)
set(PROJECT_VERSION
"${PROJECT_VERSION_MAJOR}.${PROJECT_VERSION_MINOR}.${PROJECT_VERSION_PATCH}")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/Makefile new/cJSON-1.7.15/Makefile
--- old/cJSON-1.7.14/Makefile 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/Makefile 2021-08-25 13:15:09.000000000 +0200
@@ -8,7 +8,7 @@
LDLIBS = -lm
-LIBVERSION = 1.7.14
+LIBVERSION = 1.7.15
CJSON_SOVERSION = 1
UTILS_SOVERSION = 1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/cJSON.c new/cJSON-1.7.15/cJSON.c
--- old/cJSON-1.7.14/cJSON.c 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/cJSON.c 2021-08-25 13:15:09.000000000 +0200
@@ -78,8 +78,12 @@
#endif
#ifndef NAN
+#ifdef _WIN32
+#define NAN sqrt(-1.0)
+#else
#define NAN 0.0/0.0
#endif
+#endif
typedef struct {
const unsigned char *json;
@@ -113,7 +117,7 @@
}
/* This is a safeguard to prevent copy-pasters from using incompatible C and
header files */
-#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 7) ||
(CJSON_VERSION_PATCH != 14)
+#if (CJSON_VERSION_MAJOR != 1) || (CJSON_VERSION_MINOR != 7) ||
(CJSON_VERSION_PATCH != 15)
#error cJSON.h and cJSON.c have different versions. Make sure that both
have the same.
#endif
@@ -507,10 +511,8 @@
return NULL;
}
- if (newbuffer)
- {
- memcpy(newbuffer, p->buffer, p->offset + 1);
- }
+
+ memcpy(newbuffer, p->buffer, p->offset + 1);
p->hooks.deallocate(p->buffer);
}
p->length = newsize;
@@ -2544,6 +2546,7 @@
}
a = cJSON_CreateArray();
+
for(i = 0; a && (i < (size_t)count); i++)
{
n = cJSON_CreateNumber(numbers[i]);
@@ -2562,7 +2565,10 @@
}
p = n;
}
- a->child->prev = n;
+
+ if (a && a->child) {
+ a->child->prev = n;
+ }
return a;
}
@@ -2599,7 +2605,10 @@
}
p = n;
}
- a->child->prev = n;
+
+ if (a && a->child) {
+ a->child->prev = n;
+ }
return a;
}
@@ -2618,7 +2627,7 @@
a = cJSON_CreateArray();
- for(i = 0;a && (i < (size_t)count); i++)
+ for(i = 0; a && (i < (size_t)count); i++)
{
n = cJSON_CreateNumber(numbers[i]);
if(!n)
@@ -2636,7 +2645,10 @@
}
p = n;
}
- a->child->prev = n;
+
+ if (a && a->child) {
+ a->child->prev = n;
+ }
return a;
}
@@ -2673,8 +2685,11 @@
}
p = n;
}
- a->child->prev = n;
+ if (a && a->child) {
+ a->child->prev = n;
+ }
+
return a;
}
@@ -2961,7 +2976,7 @@
CJSON_PUBLIC(cJSON_bool) cJSON_Compare(const cJSON * const a, const cJSON *
const b, const cJSON_bool case_sensitive)
{
- if ((a == NULL) || (b == NULL) || ((a->type & 0xFF) != (b->type & 0xFF))
|| cJSON_IsInvalid(a))
+ if ((a == NULL) || (b == NULL) || ((a->type & 0xFF) != (b->type & 0xFF)))
{
return false;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/cJSON.h new/cJSON-1.7.15/cJSON.h
--- old/cJSON-1.7.14/cJSON.h 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/cJSON.h 2021-08-25 13:15:09.000000000 +0200
@@ -81,7 +81,7 @@
/* project version */
#define CJSON_VERSION_MAJOR 1
#define CJSON_VERSION_MINOR 7
-#define CJSON_VERSION_PATCH 14
+#define CJSON_VERSION_PATCH 15
#include <stddef.h>
@@ -256,7 +256,7 @@
/* Minify a strings, remove blank characters(such as ' ', '\t', '\r', '\n')
from strings.
* The input pointer json cannot point to a read-only address area, such as a
string constant,
- * but should point to a readable and writable adress area. */
+ * but should point to a readable and writable address area. */
CJSON_PUBLIC(void) cJSON_Minify(char *json);
/* Helper functions for creating and adding items to an object at the same
time.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/cJSON_Utils.c
new/cJSON-1.7.15/cJSON_Utils.c
--- old/cJSON-1.7.14/cJSON_Utils.c 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/cJSON_Utils.c 2021-08-25 13:15:09.000000000 +0200
@@ -960,7 +960,9 @@
/* split pointer in parent and child */
parent_pointer = cJSONUtils_strdup((unsigned char*)path->valuestring);
- child_pointer = (unsigned char*)strrchr((char*)parent_pointer, '/');
+ if (parent_pointer) {
+ child_pointer = (unsigned char*)strrchr((char*)parent_pointer, '/');
+ }
if (child_pointer != NULL)
{
child_pointer[0] = '\0';
@@ -1406,6 +1408,10 @@
from_child = from->child;
to_child = to->child;
patch = cJSON_CreateObject();
+ if (patch == NULL)
+ {
+ return NULL;
+ }
while (from_child || to_child)
{
int diff;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/tests/cjson_add.c
new/cJSON-1.7.15/tests/cjson_add.c
--- old/cJSON-1.7.14/tests/cjson_add.c 2020-09-03 11:14:26.000000000 +0200
+++ new/cJSON-1.7.15/tests/cjson_add.c 2021-08-25 13:15:09.000000000 +0200
@@ -117,6 +117,50 @@
cJSON_Delete(root);
}
+static void cjson_create_int_array_should_fail_on_allocation_failure(void)
+{
+ int numbers[] = {1, 2, 3};
+
+ cJSON_InitHooks(&failing_hooks);
+
+ TEST_ASSERT_NULL(cJSON_CreateIntArray(numbers, 3));
+
+ cJSON_InitHooks(NULL);
+}
+
+static void cjson_create_float_array_should_fail_on_allocation_failure(void)
+{
+ float numbers[] = {1.0f, 2.0f, 3.0f};
+
+ cJSON_InitHooks(&failing_hooks);
+
+ TEST_ASSERT_NULL(cJSON_CreateFloatArray(numbers, 3));
+
+ cJSON_InitHooks(NULL);
+}
+
+static void cjson_create_double_array_should_fail_on_allocation_failure(void)
+{
+ double numbers[] = {1.0, 2.0, 3.0};
+
+ cJSON_InitHooks(&failing_hooks);
+
+ TEST_ASSERT_NULL(cJSON_CreateDoubleArray(numbers, 3));
+
+ cJSON_InitHooks(NULL);
+}
+
+static void cjson_create_string_array_should_fail_on_allocation_failure(void)
+{
+ const char* strings[] = {"1", "2", "3"};
+
+ cJSON_InitHooks(&failing_hooks);
+
+ TEST_ASSERT_NULL(cJSON_CreateStringArray(strings, 3));
+
+ cJSON_InitHooks(NULL);
+}
+
static void cjson_add_false_should_add_false(void)
{
cJSON *root = cJSON_CreateObject();
@@ -390,6 +434,11 @@
RUN_TEST(cjson_add_true_should_fail_with_null_pointers);
RUN_TEST(cjson_add_true_should_fail_on_allocation_failure);
+ RUN_TEST(cjson_create_int_array_should_fail_on_allocation_failure);
+ RUN_TEST(cjson_create_float_array_should_fail_on_allocation_failure);
+ RUN_TEST(cjson_create_double_array_should_fail_on_allocation_failure);
+ RUN_TEST(cjson_create_string_array_should_fail_on_allocation_failure);
+
RUN_TEST(cjson_add_false_should_add_false);
RUN_TEST(cjson_add_false_should_fail_with_null_pointers);
RUN_TEST(cjson_add_false_should_fail_on_allocation_failure);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/tests/json_patch_tests.c
new/cJSON-1.7.15/tests/json_patch_tests.c
--- old/cJSON-1.7.14/tests/json_patch_tests.c 2020-09-03 11:14:26.000000000
+0200
+++ new/cJSON-1.7.15/tests/json_patch_tests.c 2021-08-25 13:15:09.000000000
+0200
@@ -66,7 +66,7 @@
}
else
{
- printf("Testing unkown\n");
+ printf("Testing unknown\n");
}
disabled = cJSON_GetObjectItemCaseSensitive(test, "disabled");
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cJSON-1.7.14/tests/readme_examples.c
new/cJSON-1.7.15/tests/readme_examples.c
--- old/cJSON-1.7.14/tests/readme_examples.c 2020-09-03 11:14:26.000000000
+0200
+++ new/cJSON-1.7.15/tests/readme_examples.c 2021-08-25 13:15:09.000000000
+0200
@@ -69,7 +69,7 @@
goto end;
}
/* after creation was successful, immediately add it to the monitor,
- * thereby transfering ownership of the pointer to it */
+ * thereby transferring ownership of the pointer to it */
cJSON_AddItemToObject(monitor, "name", name);
resolutions = cJSON_CreateArray();
