Overview

File CVE-2022-31117-fix-double-free-str-decoding.patch of Package python-ujson.25214

From b21da40ead640b6153783dad506e68b4024056ef Mon Sep 17 00:00:00 2001
From: JustAnotherArchivist <JustAnotherArchivist@users.noreply.github.com>
Date: Mon, 27 Jun 2022 22:26:31 +0000
Subject: [PATCH] Fix double free on string decoding if realloc fails

---
 lib/ultrajsondec.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/lib/ultrajsondec.c
+++ b/lib/ultrajsondec.c
@@ -451,7 +451,7 @@ FASTCALL_ATTR JSOBJ FASTCALL_MSVC decode
       escStart = (wchar_t *)ds->dec->realloc(ds->escStart, newSize * sizeof(wchar_t));
       if (!escStart)
       {
-        ds->dec->free(ds->escStart);
+        // Don't free ds->escStart here; it gets handled in JSON_DecodeObject.
         return SetError(ds, -1, "Could not reserve memory block");
       }
       ds->escStart = escStart;
openSUSE Build Service is sponsored by
Places