From 0099bad30b22fe895223393bcc60f44b30fa86f9 Mon Sep 17 00:00:00 2001 From: Marko Ratkaj Date: Tue, 6 Nov 2018 16:55:47 +0100 Subject: [PATCH] utils: jq: bump version to 1.6 Signed-off-by: Marko Ratkaj --- utils/jq/Makefile | 11 ++++-- utils/jq/patches/001-stack-exhaustion.patch | 37 ------------------- .../jq/patches/002-heap-buffer-overflow.patch | 34 ----------------- 3 files changed, 8 insertions(+), 74 deletions(-) delete mode 100644 utils/jq/patches/001-stack-exhaustion.patch delete mode 100644 utils/jq/patches/002-heap-buffer-overflow.patch diff --git a/utils/jq/Makefile b/utils/jq/Makefile index 7a1fcb1e2..053063e33 100644 --- a/utils/jq/Makefile +++ b/utils/jq/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=jq -PKG_VERSION:=1.5 -PKG_RELEASE:=2 +PKG_VERSION:=1.6 +PKG_RELEASE:=1 PKG_LICENSE:=BSD PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/stedolan/jq/releases/download/jq-$(PKG_VERSION)/ -PKG_HASH:=c4d2bfec6436341113419debf479d833692cc5cdab7eb0326b5a4d4fbe9f493c +PKG_HASH:=9625784cf2e4fd9842f1d407681ce4878b5b0dcddbcd31c6135114a30c71e6a8 PKG_INSTALL:=1 @@ -26,6 +26,11 @@ endif TARGET_CFLAGS += -std=c99 +CONFIGURE_ARGS+= \ + --disable-docs \ + --disable-valgrind \ + --without-oniguruma + define Package/jq SECTION:=utils CATEGORY:=Utilities diff --git a/utils/jq/patches/001-stack-exhaustion.patch b/utils/jq/patches/001-stack-exhaustion.patch deleted file mode 100644 index 8d23f6108..000000000 --- a/utils/jq/patches/001-stack-exhaustion.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 2d38a12d686a5156d4e7afb1fed7851805590582 Mon Sep 17 00:00:00 2001 -From: W-Mark Kubacki -Date: Fri, 19 Aug 2016 19:50:39 +0200 -Subject: [PATCH] Skip printing at MAX_DEPTH and deeper - -This addresses #1136, and mitigates a stack exhaustion when printing -a very deeply nested term. ---- - src/jv_print.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/src/jv_print.c b/src/jv_print.c -index 5f4f234..cf6651b 100644 ---- src/jv_print.c -+++ src/jv_print.c -@@ -13,6 +13,10 @@ - #include "jv_dtoa.h" - #include "jv_unicode.h" - -+#ifndef MAX_DEPTH -+#define MAX_DEPTH 256 -+#endif -+ - #define ESC "\033" - #define COL(c) (ESC "[" c "m") - #define COLRESET (ESC "[0m") -@@ -150,7 +154,9 @@ static void jv_dump_term(struct dtoa_context* C, jv x, int flags, int indent, FI - } - } - } -- switch (jv_get_kind(x)) { -+ if (indent > MAX_DEPTH) { -+ put_str("", F, S, flags & JV_PRINT_ISATTY); -+ } else switch (jv_get_kind(x)) { - default: - case JV_KIND_INVALID: - if (flags & JV_PRINT_INVALID) { diff --git a/utils/jq/patches/002-heap-buffer-overflow.patch b/utils/jq/patches/002-heap-buffer-overflow.patch deleted file mode 100644 index ecfbd71c9..000000000 --- a/utils/jq/patches/002-heap-buffer-overflow.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 8eb1367ca44e772963e704a700ef72ae2e12babd Mon Sep 17 00:00:00 2001 -From: Nicolas Williams -Date: Sat, 24 Oct 2015 17:24:57 -0500 -Subject: [PATCH] Heap buffer overflow in tokenadd() (fix #105) - -This was an off-by one: the NUL terminator byte was not allocated on -resize. This was triggered by JSON-encoded numbers longer than 256 -bytes. ---- - src/jv_parse.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/jv_parse.c b/src/jv_parse.c -index 3102ed4..84245b8 100644 ---- src/jv_parse.c -+++ src/jv_parse.c -@@ -383,7 +383,7 @@ static pfunc stream_token(struct jv_parser* p, char ch) { - - static void tokenadd(struct jv_parser* p, char c) { - assert(p->tokenpos <= p->tokenlen); -- if (p->tokenpos == p->tokenlen) { -+ if (p->tokenpos >= (p->tokenlen - 1)) { - p->tokenlen = p->tokenlen*2 + 256; - p->tokenbuf = jv_mem_realloc(p->tokenbuf, p->tokenlen); - } -@@ -485,7 +485,7 @@ static pfunc check_literal(struct jv_parser* p) { - TRY(value(p, v)); - } else { - // FIXME: better parser -- p->tokenbuf[p->tokenpos] = 0; // FIXME: invalid -+ p->tokenbuf[p->tokenpos] = 0; - char* end = 0; - double d = jvp_strtod(&p->dtoa, p->tokenbuf, &end); - if (end == 0 || *end != 0)