Skip to content

Commit

Permalink
Fix for CVE-2023-33460
Browse files Browse the repository at this point in the history
  • Loading branch information
zhang.jiujiu authored and cxong committed Sep 18, 2023
1 parent d78dc96 commit e3ae896
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion src/cdogs/yajl/yajl_tree.c
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx)
ctx->stack = stack->next;

v = stack->value;

free (stack->key);
free (stack);

return (v);
Expand Down Expand Up @@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input,
snprintf(error_buffer, error_buffer_size, "%s", internal_err_str);
YA_FREE(&(handle->alloc), internal_err_str);
}
while(ctx.stack != NULL) {
yajl_val v = context_pop(&ctx);
yajl_tree_free(v);
}
yajl_free (handle);
//If the requested memory is not released in time, it will cause memory leakage
if(ctx.root)
yajl_tree_free(ctx.root);
return NULL;
}

Expand Down

0 comments on commit e3ae896

Please sign in to comment.