diff --git a/backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch b/backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
new file mode 100644
index 0000000000000000000000000000000000000000..088c3bff844d7503e4db23ff86fee3bb97ba919c
--- /dev/null
+++ b/backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
@@ -0,0 +1,48 @@
+From 296db618e9d1862aea788e90e751b4999db41a2a Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Wed, 12 Jan 2022 23:43:03 +0100
+Subject: [PATCH] json_escape_str(): avoid harmless unsigned integer overflow
+
+Current behaviour is perfectly valid, since wrap-over upon overflow is
+well defined behaviour for unsigned types, but it is nevertheless nice to be
+able to build with -fsanitize=undefined,unsigned-integer-overflow
+
+There is no significant effect on the generated assembly as can be seen
+on the diff of objdump -d output on a optimized build (the compiler
+just decided to switch the order of a comparison):
+
+@@ -135,8 +135,8 @@
+  1d0:  0f 84 70 ff ff ff       je     146 <json_escape_str+0x146>
+  1d6:  4c 3b 24 24             cmp    (%rsp),%r12
+  1da:  0f 85 2d ff ff ff       jne    10d <json_escape_str+0x10d>
+- 1e0:  49 39 f4                cmp    %rsi,%r12
+- 1e3:  0f 87 b7 00 00 00       ja     2a0 <json_escape_str+0x2a0>
++ 1e0:  4c 39 e6                cmp    %r12,%rsi
++ 1e3:  0f 82 b7 00 00 00       jb     2a0 <json_escape_str+0x2a0>
+  1e9:  48 8b 44 24 18          mov    0x18(%rsp),%rax
+  1ee:  64 48 33 04 25 28 00    xor    %fs:0x28,%rax
+  1f5:  00 00
+
+Conflict:NA
+Reference:https://github.com/json-c/json-c/commit/296db618e9d1862aea788e90e751b4999db41a2a
+---
+ json_object.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/json_object.c b/json_object.c
+index 9198257..3216941 100644
+--- a/json_object.c
++++ b/json_object.c
+@@ -216,8 +216,9 @@ static int json_escape_str(struct printbuf *pb, const char *str, size_t len, int
+ {
+ 	int pos = 0, start_offset = 0;
+ 	unsigned char c;
+-	while (len--)
++	while (len)
+ 	{
++		--len;
+ 		c = str[pos];
+ 		switch (c)
+ 		{
+-- 
+2.27.0
\ No newline at end of file
diff --git a/json-c.spec b/json-c.spec
index 345f3feb831fc8d88d4ce44dd35821aa3aedbb5c..b8b37fc94f92b3fb1ecf9fffe38f8007cc4032bf 100644
--- a/json-c.spec
+++ b/json-c.spec
@@ -6,7 +6,7 @@
 
 Name:           json-c
 Version:        0.15
-Release:        3
+Release:        4
 Summary:        JSON implementation in C
 
 License:        MIT
@@ -27,6 +27,8 @@ Summary:        Development files for %{name}
 
 Requires:       %{name}%{?_isa} == %{version}-%{release}
 
+Patch6001:      backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
+
 %description    devel
 This package contains libraries and header files for
 developing applications that use %{name}.
@@ -96,6 +98,9 @@ hardlink -cfv %{buildroot}%{_pkgdocdir}
 %doc %{_pkgdocdir}
 
 %changelog
+* Fri May 6 2022 wuchaochao <cyanrose@yeah.net> - 0.15-4
+- add   backport-json-escape-str-avoid-harmless-unsigned-integer-overflow.patch
+
 * Thu Apr 7 2022 wuchaochao <cyanrose@yeah.net> - 0.15-3
 - add check