File CVE-2022-28948.patch of Package ignition.40360
From 8f96da9f5d5eff988554c1aae1784627c4bf6754 Mon Sep 17 00:00:00 2001
From: Gustavo Niemeyer <gustavo@niemeyer.net>
Date: Sat, 21 May 2022 11:31:04 +0100
Subject: [PATCH] Explicitly check the parser for errors on peek
It's a curious choice from the underlying API to generally return a
positive result on success, but in this case return true in an error
scenario.
Fixes #666
---
decode.go | 5 ++++-
decode_test.go | 1 +
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/decode.go b/decode.go
index c59dea47..0173b698 100644
--- a/vendor/gopkg.in/yaml.v3/decode.go
+++ b/vendor/gopkg.in/yaml.v3/decode.go
@@ -100,7 +100,10 @@ func (p *parser) peek() yaml_event_type_t {
if p.event.typ != yaml_NO_EVENT {
return p.event.typ
}
- if !yaml_parser_parse(&p.parser, &p.event) {
+ // It's curious choice from the underlying API to generally return a
+ // positive result on success, but on this case return true in an error
+ // scenario. This was the source of bugs in the past (issue #666).
+ if !yaml_parser_parse(&p.parser, &p.event) || p.parser.error != yaml_NO_ERROR {
p.fail()
}
return p.event.typ
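Review bot: The added `p.parser.error != yaml_NO_ERROR` test guards only the call in `peek()`, so any other direct call to `yaml_parser_parse` in decode.go that checks just the boolean would presumably still accept an errored parser as success. Those call sites are outside this hunk and should be checked against the same condition. The comment above the condition could also state the contract directly and name the advisory this vendored patch is filed under, for example `// yaml_parser_parse may return true with p.parser.error set; check both (issue #666, CVE-2022-28948).` The diffstat lists a one-line change to decode_test.go that is not carried in this patch, so the regression case is not exercised in the vendored tree. The body of `peek()` starts and ends outside the hunk.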