Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:Update
python-ujson.25214
CVE-2022-31117-fix-double-free-str-decoding.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2022-31117-fix-double-free-str-decoding.patch of Package python-ujson.25214
From b21da40ead640b6153783dad506e68b4024056ef Mon Sep 17 00:00:00 2001 From: JustAnotherArchivist <JustAnotherArchivist@users.noreply.github.com> Date: Mon, 27 Jun 2022 22:26:31 +0000 Subject: [PATCH] Fix double free on string decoding if realloc fails --- lib/ultrajsondec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/lib/ultrajsondec.c +++ b/lib/ultrajsondec.c @@ -451,7 +451,7 @@ FASTCALL_ATTR JSOBJ FASTCALL_MSVC decode escStart = (wchar_t *)ds->dec->realloc(ds->escStart, newSize * sizeof(wchar_t)); if (!escStart) { - ds->dec->free(ds->escStart); + // Don't free ds->escStart here; it gets handled in JSON_DecodeObject. return SetError(ds, -1, "Could not reserve memory block"); } ds->escStart = escStart;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
