Hello community,
here is the log from the commit of package libfastjson for openSUSE:Factory checked in at 2018-01-16 09:37:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libfastjson (Old)
and /work/SRC/openSUSE:Factory/.libfastjson.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libfastjson"
Tue Jan 16 09:37:49 2018 rev:8 rq:563851 version:0.99.8
Changes:
--------
--- /work/SRC/openSUSE:Factory/libfastjson/libfastjson.changes 2017-11-16 13:58:56.870118451 +0100
+++ /work/SRC/openSUSE:Factory/.libfastjson.new/libfastjson.changes 2018-01-16 09:37:50.526407237 +0100
@@ -1,0 +2,9 @@
+Fri Jan 12 13:38:16 UTC 2018 - astieger@suse.com
+
+- update to 0.99.8:
+ * make build under gcc7 with strict settings (warning==error)
+ * bugfix: constant key names not properly handled
+ * fix potentially invalid return value of fjson_object_iter_begin
+ * fix small potential memory leak in json_tokener
+
+-------------------------------------------------------------------
Old:
----
libfastjson-0.99.7.tar.gz
New:
----
libfastjson-0.99.8.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libfastjson.spec ++++++
--- /var/tmp/diff_new_pack.uL63oW/_old 2018-01-16 09:37:51.190376159 +0100
+++ /var/tmp/diff_new_pack.uL63oW/_new 2018-01-16 09:37:51.194375971 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libfastjson
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define somajor 4
Name: libfastjson
-Version: 0.99.7
+Version: 0.99.8
Release: 0
Summary: Fast JSON parsing library, a fork of json-c
License: MIT
++++++ libfastjson-0.99.7.tar.gz -> libfastjson-0.99.8.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/ChangeLog new/libfastjson-0.99.8/ChangeLog
--- old/libfastjson-0.99.7/ChangeLog 2017-10-16 11:38:52.000000000 +0200
+++ new/libfastjson-0.99.8/ChangeLog 2017-12-18 12:04:30.000000000 +0100
@@ -1,3 +1,18 @@
+0.99.8 2017-12-18
+- make build under gcc7 with strict settings (warning==error)
+- bugfix: constant key names not properly handled
+ if fjson_object_object_add_ex() is used with option
+ FJSON_OBJECT_KEY_IS_CONSTANT, fjson_object_object_del() will still
+ try to delete the key name. Depending on use, this can lead to
+ double-free, use-after-free or no problem.
+ see also https://github.com/rsyslog/rsyslog/issues/1839
+ closes https://github.com/rsyslog/libfastjson/issues/148
+- fix potentially invalid return value of fjson_object_iter_begin
+ this could lead to callers doing improper opreations and thus
+ could lead to a segfault in callers
+ detected by Coverity scan, CID 198891
+- fix small potential memory leak in json_tokener (unlinkely to occur)
+ detected by Coverity Scan, CID 198890
0.99.7 2017-10-17
- added option for case-insensitive comparisons
This permits to search for json keys in a case-sensitive way.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/configure new/libfastjson-0.99.8/configure
--- old/libfastjson-0.99.7/configure 2017-10-16 11:43:18.000000000 +0200
+++ new/libfastjson-0.99.8/configure 2017-12-18 12:04:51.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libfastjson 0.99.7.
+# Generated by GNU Autoconf 2.69 for libfastjson 0.99.8.
#
# Report bugs to .
#
@@ -590,8 +590,8 @@
# Identity of this package.
PACKAGE_NAME='libfastjson'
PACKAGE_TARNAME='libfastjson'
-PACKAGE_VERSION='0.99.7'
-PACKAGE_STRING='libfastjson 0.99.7'
+PACKAGE_VERSION='0.99.8'
+PACKAGE_STRING='libfastjson 0.99.8'
PACKAGE_BUGREPORT='rsyslog@lists.adiscon.com'
PACKAGE_URL=''
@@ -1336,7 +1336,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures libfastjson 0.99.7 to adapt to many kinds of systems.
+\`configure' configures libfastjson 0.99.8 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1407,7 +1407,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of libfastjson 0.99.7:";;
+ short | recursive ) echo "Configuration of libfastjson 0.99.8:";;
esac
cat <<\_ACEOF
@@ -1525,7 +1525,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-libfastjson configure 0.99.7
+libfastjson configure 0.99.8
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1948,7 +1948,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by libfastjson $as_me 0.99.7, which was
+It was created by libfastjson $as_me 0.99.8, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -2838,7 +2838,7 @@
# Define the identity of the package.
PACKAGE='libfastjson'
- VERSION='0.99.7'
+ VERSION='0.99.8'
cat >>confdefs.h <<_ACEOF
@@ -14559,7 +14559,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by libfastjson $as_me 0.99.7, which was
+This file was extended by libfastjson $as_me 0.99.8, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -14625,7 +14625,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-libfastjson config.status 0.99.7
+libfastjson config.status 0.99.8
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/configure.ac new/libfastjson-0.99.8/configure.ac
--- old/libfastjson-0.99.7/configure.ac 2017-10-16 11:40:10.000000000 +0200
+++ new/libfastjson-0.99.8/configure.ac 2017-12-18 12:02:59.000000000 +0100
@@ -1,7 +1,7 @@
AC_PREREQ(2.52)
# Process this file with autoconf to produce a configure script.
-AC_INIT([libfastjson], [0.99.7], [rsyslog@lists.adiscon.com])
+AC_INIT([libfastjson], [0.99.8], [rsyslog@lists.adiscon.com])
# AIXPORT START: Detect the underlying OS
unamestr=$(uname)
AM_CONDITIONAL([AIX], [test x$unamestr = xAIX])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/json_object.c new/libfastjson-0.99.8/json_object.c
--- old/libfastjson-0.99.7/json_object.c 2017-10-16 11:33:40.000000000 +0200
+++ new/libfastjson-0.99.8/json_object.c 2017-12-16 11:45:04.000000000 +0100
@@ -510,7 +510,9 @@
{
struct _fjson_child *const chld = _fjson_find_child(jso, key);
if (chld != NULL) {
- free((void*)chld->k);
+ if(!chld->flags.k_is_constant) {
+ free((void*)chld->k);
+ }
fjson_object_put(chld->v);
chld->flags.k_is_constant = 0;
chld->k = NULL;
@@ -658,6 +660,7 @@
case fjson_type_string:
if (fjson_parse_int64(get_string_component(jso), &cint) == 0)
return cint;
+ ATTR_FALLTHROUGH
case fjson_type_null:
case fjson_type_object:
case fjson_type_array:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/json_object_iterator.c new/libfastjson-0.99.8/json_object_iterator.c
--- old/libfastjson-0.99.7/json_object_iterator.c 2017-10-04 17:07:51.000000000 +0200
+++ new/libfastjson-0.99.8/json_object_iterator.c 2017-12-16 13:16:06.000000000 +0100
@@ -64,7 +64,11 @@
struct fjson_object_iterator
fjson_object_iter_begin(struct fjson_object *const __restrict__ obj)
{
- struct fjson_object_iterator iter;
+ struct fjson_object_iterator iter = {
+ .objs_remain = 0,
+ .curr_idx = 0,
+ .pg = NULL
+ };
if(obj->o_type == fjson_type_object) {
iter.objs_remain = obj->o.c_obj.nelem;
@@ -77,8 +81,6 @@
fjson_object_iter_next(&iter);
}
}
- } else { /* non-object */
- iter.objs_remain = 0;
}
return iter;
}
@@ -89,13 +91,11 @@
struct fjson_object_iterator
fjson_object_iter_end(const struct fjson_object __attribute__((unused)) *obj)
{
- struct fjson_object_iterator iter;
-
- JASSERT(NULL != obj);
-
- /// @note the end condition is actually that no more entries are
- /// present, so only set that property.
- iter.objs_remain = 0;
+ struct fjson_object_iterator iter = {
+ .objs_remain = 0,
+ .curr_idx = 0,
+ .pg = NULL
+ };
return iter;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/json_object_private.h new/libfastjson-0.99.8/json_object_private.h
--- old/libfastjson-0.99.7/json_object_private.h 2017-10-16 11:33:40.000000000 +0200
+++ new/libfastjson-0.99.8/json_object_private.h 2017-10-23 08:23:21.000000000 +0200
@@ -17,6 +17,13 @@
extern "C" {
#endif
+/* define a couple of attributes to improve cross-platform builds */
+#if __GNUC__ > 6
+ #define ATTR_FALLTHROUGH __attribute__((fallthrough));
+#else
+ #define ATTR_FALLTHROUGH
+#endif
+
#define LEN_DIRECT_STRING_DATA 32 /**< how many bytes are directly stored in fjson_object for strings? */
/**
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/json_print.c new/libfastjson-0.99.8/json_print.c
--- old/libfastjson-0.99.7/json_print.c 2017-10-16 11:33:40.000000000 +0200
+++ new/libfastjson-0.99.8/json_print.c 2017-12-16 11:45:04.000000000 +0100
@@ -181,7 +181,8 @@
va_start(arguments, format);
// format into the buffer, again
- buffer->size += vsnprintf(buffer->buffer + buffer->filled, buffer->size - buffer->filled - 1, format, arguments);
+ buffer->size += vsnprintf(buffer->buffer + buffer->filled,
+ buffer->size - buffer->filled - 1, format, arguments);
// clean up varargs
va_end(arguments);
@@ -283,7 +284,8 @@
case '\\': result += buffer_append(buffer, "\\\\", 2); break;
case '/': result += buffer_append(buffer, "\\/", 2); break;
default:
- result += buffer_printf(buffer, "\\u00%c%c", fjson_hex_chars[*str >> 4], fjson_hex_chars[*str & 0xf]);
+ result += buffer_printf(buffer, "\\u00%c%c",
+ fjson_hex_chars[*str >> 4], fjson_hex_chars[*str & 0xf]);
break;
}
start_offset = ++str;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/json_tokener.c new/libfastjson-0.99.8/json_tokener.c
--- old/libfastjson-0.99.7/json_tokener.c 2017-10-04 17:07:51.000000000 +0200
+++ new/libfastjson-0.99.8/json_tokener.c 2017-12-16 13:16:06.000000000 +0100
@@ -32,6 +32,7 @@
#include "printbuf.h"
#include "arraylist.h"
#include "json_object.h"
+#include "json_object_private.h"
#include "json_tokener.h"
#include "json_util.h"
@@ -135,7 +136,8 @@
free(tok);
}
-static void fjson_tokener_reset_level(struct fjson_tokener *tok, int depth)
+static void __attribute__((nonnull(1)))
+fjson_tokener_reset_level(struct fjson_tokener *const tok, const int depth)
{
tok->stack[depth].state = fjson_tokener_state_eatws;
tok->stack[depth].saved_state = fjson_tokener_state_start;
@@ -145,7 +147,7 @@
tok->stack[depth].obj_field_name = NULL;
}
-void fjson_tokener_reset(struct fjson_tokener *tok)
+void fjson_tokener_reset(struct fjson_tokener *const tok)
{
int i;
if (!tok)
@@ -157,7 +159,8 @@
tok->err = fjson_tokener_success;
}
-struct fjson_object *fjson_tokener_parse(const char *str)
+struct fjson_object * __attribute__((nonnull(1)))
+fjson_tokener_parse(const char *const str)
{
enum fjson_tokener_error jerr_ignored;
struct fjson_object *obj;
@@ -165,7 +168,9 @@
return obj;
}
-struct fjson_object *fjson_tokener_parse_verbose(const char *str, enum fjson_tokener_error *error)
+struct fjson_object * __attribute__((nonnull(1, 2)))
+fjson_tokener_parse_verbose(const char *const str,
+ enum fjson_tokener_error *const error)
{
struct fjson_tokener *tok;
struct fjson_object *obj;
@@ -251,6 +256,9 @@
the string length is less than INT32_MAX (2GB) */
if ((len < -1) || (len == -1 && strlen(str) > INT32_MAX)) {
tok->err = fjson_tokener_error_size;
+# ifdef HAVE_SETLOCALE
+ free(oldlocale);
+# endif
return NULL;
}
@@ -305,6 +313,8 @@
tok->err = fjson_tokener_error_parse_unexpected;
goto out;
}
+ /* TODO: verify if FALLTHROUGH is actually right! */
+ ATTR_FALLTHROUGH
case '"':
state = fjson_tokener_state_string;
printbuf_reset(tok->pb);
@@ -543,12 +553,14 @@
if (got_hi_surrogate) {
if (IS_LOW_SURROGATE(tok->ucs_char)) {
- /* Recalculate the ucs_char, then fall thru to process normally */
+ /* Recalculate the ucs_char, then fall thru to process
+ normally */
tok->ucs_char =
DECODE_SURROGATE_PAIR(got_hi_surrogate,
tok->ucs_char);
} else {
- /* Hi surrogate was not followed by a low surrogate */
+ /* Hi surrogate was not followed by a low
+ * surrogate */
/* Replace the hi and process the rest normally */
printbuf_memappend_fast(tok->pb,
(char *)
@@ -556,10 +568,11 @@
3);
}
got_hi_surrogate = 0;
- /* clang static analyzer thins that got_hi_surrogate is never read,
- * however, it is read on each iteration. So I assume clang has a false
- * positive. We use the otherwise nonsense statement below to make it
- * happy.
+ /* clang static analyzer thins that got_hi_surrogate
+ * is never read, * however, it is read on each
+ * iteration. So I assume clang has a false positive.
+ * We use the otherwise nonsense statement below to
+ * make it happy.
*/
if (got_hi_surrogate) {
};
@@ -584,8 +597,9 @@
if ((tok->char_offset + 1 != len) &&
(tok->char_offset + 2 != len) &&
(str[1] == '\\') && (str[2] == 'u')) {
- /* Advance through the 16 bit surrogate, and move on to the
- * next sequence. The next step is to process the following
+ /* Advance through the 16 bit surrogate, and
+ * move on to the next sequence. The next
+ * step is to process the following
* characters.
*/
if (!ADVANCE_CHAR(str, tok)
@@ -608,11 +622,11 @@
}
tok->ucs_char = 0;
tok->st_pos = 0;
- continue; /* other fjson_tokener_state_escape_unicode */
+ continue;/* other fjson_tokener_state_escape_unicode */
} else {
- /* Got a high surrogate without another sequence following
- * it. Put a replacement char in for the hi surrogate
- * and pretend we finished.
+ /* Got a high surrogate without another sequence
+ * following it. Put a replacement char in for
+ * the hi surrogate and pretend we finished.
*/
printbuf_memappend_fast(tok->pb,
(char *)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libfastjson-0.99.7/tests/chk_version new/libfastjson-0.99.8/tests/chk_version
--- old/libfastjson-0.99.7/tests/chk_version 2017-10-16 11:47:41.000000000 +0200
+++ new/libfastjson-0.99.8/tests/chk_version 2017-12-18 12:05:32.000000000 +0100
@@ -31,7 +31,7 @@
# if CDPATH is set.
(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
-relink_command="(cd /home/rger/proj/libfastjson/tests; { test -z \"\${LIBRARY_PATH+set}\" || unset LIBRARY_PATH || { LIBRARY_PATH=; export LIBRARY_PATH; }; }; { test -z \"\${COMPILER_PATH+set}\" || unset COMPILER_PATH || { COMPILER_PATH=; export COMPILER_PATH; }; }; { test -z \"\${GCC_EXEC_PREFIX+set}\" || unset GCC_EXEC_PREFIX || { GCC_EXEC_PREFIX=; export GCC_EXEC_PREFIX; }; }; { test -z \"\${LD_RUN_PATH+set}\" || unset LD_RUN_PATH || { LD_RUN_PATH=; export LD_RUN_PATH; }; }; LD_LIBRARY_PATH=/home/rger/proj/phd/software/cplex/opl/bin/x86-64_linux/; export LD_LIBRARY_PATH; PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/home/rger/proj/phd/software/cplex/cplex/bin/x86-64_linux/:/home/rger/proj/phd/software/cplex/opl/bin/x86-64_linux/:/home/rger/proj/phd/software/cplex/opl/oplide; export PATH; clang -fno-strict-aliasing -Wall -Wextra -Wundef -Wnested-externs -Wwrite-strings -Wpointer-arith -Wmissing-declarations -Wmissing-prototypes -Wstrict-prototypes -Wredundant-decls -Wno-unused-parameter -Wno-missing-field-initializers -Wdeclaration-after-statement -Wformat=2 -Wold-style-definition -Wcast-align -Wformat-nonliteral -Wformat-security -Wsign-compare -Wstrict-aliasing -Wshadow -Winline -Wpacked -Wmissing-format-attribute -Wmissing-noreturn -Winit-self -Wmissing-include-dirs -Warray-bounds -Wimplicit-function-declaration -Wreturn-type -Wswitch-enum -Wswitch-default -Werror -Wno-error=unused-parameter -Wno-error=missing-field-initializers -g -o \$progdir/\$file chk_version.o ../.libs/libfastjson.so ../.libs/libfastjson-internal.a -Wl,-rpath -Wl,/home/rger/proj/libfastjson/.libs)"
+relink_command="(cd /home/rger/proj/libfastjson/tests; { test -z \"\${LIBRARY_PATH+set}\" || unset LIBRARY_PATH || { LIBRARY_PATH=; export LIBRARY_PATH; }; }; { test -z \"\${COMPILER_PATH+set}\" || unset COMPILER_PATH || { COMPILER_PATH=; export COMPILER_PATH; }; }; { test -z \"\${GCC_EXEC_PREFIX+set}\" || unset GCC_EXEC_PREFIX || { GCC_EXEC_PREFIX=; export GCC_EXEC_PREFIX; }; }; { test -z \"\${LD_RUN_PATH+set}\" || unset LD_RUN_PATH || { LD_RUN_PATH=; export LD_RUN_PATH; }; }; LD_LIBRARY_PATH=/home/rger/proj/phd/software/cplex/opl/bin/x86-64_linux/; export LD_LIBRARY_PATH; PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/home/rger/proj/phd/software/cplex/cplex/bin/x86-64_linux/:/home/rger/proj/phd/software/cplex/opl/bin/x86-64_linux/:/home/rger/proj/phd/software/cplex/opl/oplide:/home/rger/proj/coverty/cov-analysis-linux64-2017.07/bin; export PATH; gcc -fno-strict-aliasing -Wall -Wextra -Wundef -Wnested-externs -Wwrite-strings -Wpointer-arith -Wmissing-declarations -Wmissing-prototypes -Wstrict-prototypes -Wredundant-decls -Wno-unused-parameter -Wno-missing-field-initializers -Wdeclaration-after-statement -Wformat=2 -Wold-style-definition -Wcast-align -Wformat-nonliteral -Wformat-security -Wsign-compare -Wstrict-aliasing -Wshadow -Winline -Wpacked -Wmissing-format-attribute -Wmissing-noreturn -Winit-self -Wmissing-include-dirs -Wunused-but-set-variable -Warray-bounds -Wimplicit-function-declaration -Wreturn-type -Wswitch-enum -Wswitch-default -Werror -Wno-suggest-attribute=format -Wno-error=unused-parameter -Wno-error=missing-field-initializers -g -o \$progdir/\$file chk_version.o ../.libs/libfastjson.so ../.libs/libfastjson-internal.a -Wl,-rpath -Wl,/home/rger/proj/libfastjson/.libs)"
# This environment variable determines our operation mode.
if test "$libtool_install_magic" = "%%%MAGIC variable%%%"; then