utils: jq: bump version to 1.6

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
6 years ago · 0099bad30b
--- a/utils/jq/Makefile
+++ b/utils/jq/Makefile
@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=jq
 PKG_VERSION:=1.5
 PKG_RELEASE:=2
 PKG_VERSION:=1.6
 PKG_RELEASE:=1
 PKG_LICENSE:=BSD

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/stedolan/jq/releases/download/jq-$(PKG_VERSION)/
 PKG_HASH:=c4d2bfec6436341113419debf479d833692cc5cdab7eb0326b5a4d4fbe9f493c
 PKG_HASH:=9625784cf2e4fd9842f1d407681ce4878b5b0dcddbcd31c6135114a30c71e6a8

 PKG_INSTALL:=1

@ -26,6 +26,11 @@ endif

 TARGET_CFLAGS += -std=c99

 CONFIGURE_ARGS+= \
 	--disable-docs \
 	--disable-valgrind \
 	--without-oniguruma

 define Package/jq
  SECTION:=utils
  CATEGORY:=Utilities
--- a/utils/jq/patches/001-stack-exhaustion.patch
+++ b/utils/jq/patches/001-stack-exhaustion.patch
@ -1,37 +0,0 @@
 From 2d38a12d686a5156d4e7afb1fed7851805590582 Mon Sep 17 00:00:00 2001
 From: W-Mark Kubacki <wmark@hurrikane.de>
 Date: Fri, 19 Aug 2016 19:50:39 +0200
 Subject: [PATCH] Skip printing at MAX_DEPTH and deeper

 This addresses #1136, and mitigates a stack exhaustion when printing
 a very deeply nested term.
 ---
 src/jv_print.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

 diff --git a/src/jv_print.c b/src/jv_print.c
 index 5f4f234..cf6651b 100644
 --- src/jv_print.c
 +++ src/jv_print.c
@@ -13,6 +13,10 @@
 #include "jv_dtoa.h"
 #include "jv_unicode.h"

 +#ifndef MAX_DEPTH
 +#define MAX_DEPTH 256
 +#endif
 +
 #define ESC "\033"
 #define COL(c) (ESC "[" c "m")
 #define COLRESET (ESC "[0m")
@@ -150,7 +154,9 @@ static void jv_dump_term(struct dtoa_context* C, jv x, int flags, int indent, FI
       }
     }
   }
 -  switch (jv_get_kind(x)) {
 +  if (indent > MAX_DEPTH) {
 +    put_str("<stripped: exceeds max depth>", F, S, flags & JV_PRINT_ISATTY);
 +  } else switch (jv_get_kind(x)) {
   default:
   case JV_KIND_INVALID:
     if (flags & JV_PRINT_INVALID) {
--- a/utils/jq/patches/002-heap-buffer-overflow.patch
+++ b/utils/jq/patches/002-heap-buffer-overflow.patch
@ -1,34 +0,0 @@
 From 8eb1367ca44e772963e704a700ef72ae2e12babd Mon Sep 17 00:00:00 2001
 From: Nicolas Williams <nico@cryptonector.com>
 Date: Sat, 24 Oct 2015 17:24:57 -0500
 Subject: [PATCH] Heap buffer overflow in tokenadd() (fix #105)

 This was an off-by one: the NUL terminator byte was not allocated on
 resize.  This was triggered by JSON-encoded numbers longer than 256
 bytes.
 ---
 src/jv_parse.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

 diff --git a/src/jv_parse.c b/src/jv_parse.c
 index 3102ed4..84245b8 100644
 --- src/jv_parse.c
 +++ src/jv_parse.c
@@ -383,7 +383,7 @@ static pfunc stream_token(struct jv_parser* p, char ch) {

 static void tokenadd(struct jv_parser* p, char c) {
   assert(p->tokenpos <= p->tokenlen);
 -  if (p->tokenpos == p->tokenlen) {
 +  if (p->tokenpos >= (p->tokenlen - 1)) {
     p->tokenlen = p->tokenlen*2 + 256;
     p->tokenbuf = jv_mem_realloc(p->tokenbuf, p->tokenlen);
   }
@@ -485,7 +485,7 @@ static pfunc check_literal(struct jv_parser* p) {
     TRY(value(p, v));
   } else {
     // FIXME: better parser
 -    p->tokenbuf[p->tokenpos] = 0; // FIXME: invalid
 +    p->tokenbuf[p->tokenpos] = 0;
     char* end = 0;
     double d = jvp_strtod(&p->dtoa, p->tokenbuf, &end);
     if (end == 0 || *end != 0)