From 99971d6d4ff7400209cdffc7dc9a4181c07705bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E8=92=8B=E5=AE=8F=E5=8D=9A?= Date: Tue, 6 Feb 2024 09:49:10 +0800 Subject: [PATCH] fix CVE-2023-50471&CVE-2023-50472 --- .../cJSON/CVE-2023-50471andCVE-2023-50472.patch | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/dependency/cJSON/CVE-2023-50471andCVE-2023-50472.patch b/dependency/cJSON/CVE-2023-50471andCVE-2023-50472.patch index a735f577c..774e3b0f4 100644 --- a/dependency/cJSON/CVE-2023-50471andCVE-2023-50472.patch +++ b/dependency/cJSON/CVE-2023-50471andCVE-2023-50472.patch @@ -1,6 +1,6 @@ diff -Naur a/cJSON.c b/cJSON.c ---- a/cJSON.c 2023-12-18 17:23:27.699147290 +0800 -+++ b/cJSON.c 2023-12-18 17:35:00.991106214 +0800 +--- a/cJSON.c 2024-02-05 19:23:06.722566273 +0800 ++++ b/cJSON.c 2024-02-05 19:22:33.685276776 +0800 @@ -401,7 +401,12 @@ { char *copy = NULL; @@ -28,17 +28,17 @@ diff -Naur a/cJSON.c b/cJSON.c return add_item_to_array(array, newitem); } -+ if (after_inserted != array->child && newitem->prev == NULL) { ++ if (after_inserted != array->child && after_inserted->prev == NULL) { + /* return false if after_inserted is a corrupted array item */ + return false; + } -+ ++ newitem->next = after_inserted; newitem->prev = after_inserted->prev; after_inserted->prev = newitem; diff -Naur a/tests/misc_tests.c b/tests/misc_tests.c ---- a/tests/misc_tests.c 2023-12-18 17:23:27.699147290 +0800 -+++ b/tests/misc_tests.c 2023-12-18 17:38:04.161210785 +0800 +--- a/tests/misc_tests.c 2024-02-05 19:23:06.726566308 +0800 ++++ b/tests/misc_tests.c 2024-02-05 19:22:33.689276811 +0800 @@ -353,6 +353,19 @@ { char buffer[10]; -- Gitee