File libyajl-CVE-2023-33460.patch of Package libyajl

From c5597ea8483116d4f4cd104b8c3d641e4d4385fa Mon Sep 17 00:00:00 2001
From: Jim Fehlig <jfehlig@suse.com>
Date: Fri, 7 Jul 2023 15:21:21 -0600
Subject: [PATCH] Fix for CVE-2023-33460

Fix memory leak in yajl_tree_parse function
---
 src/yajl_tree.c | 6 ++++++
 1 file changed, 6 insertions(+)

Index: yajl-2.1.0/src/yajl_tree.c
===================================================================
--- yajl-2.1.0.orig/src/yajl_tree.c
+++ yajl-2.1.0/src/yajl_tree.c
@@ -445,6 +445,12 @@ yajl_val yajl_tree_parse (const char *in
              YA_FREE(&(handle->alloc), internal_err_str);
         }
         yajl_free (handle);
+        /*
+         * If the requested memory is not released in time, it will cause
+         * memory leakage
+         */
+        if(ctx.root)
+            yajl_tree_free(ctx.root);
         return NULL;
     }

Places

File libyajl-CVE-2023-33460.patch of Package libyajl

Places