From 831e6be5931e136cf4eacccc8be288e3fcc195dc Mon Sep 17 00:00:00 2001
From: tabudz <tanb74653@gmail.com>
Date: Mon, 24 Nov 2025 16:15:02 +0800
Subject: [PATCH] Fix for CVE-2023-33460a

Memory leak in yajl 2.1.0 with use of yajl_tree_parse function
See lloyd#250 (comment)

Origin: openEuler-BaseService@23a122e
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039984
Bug: lloyd#250
---
 .../main/jni/rapidjson/thirdparty/yajl/src/yajl_tree.c   | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/libuvccamera/src/main/jni/rapidjson/thirdparty/yajl/src/yajl_tree.c b/libuvccamera/src/main/jni/rapidjson/thirdparty/yajl/src/yajl_tree.c
index 3e7da94..412c067 100644
--- a/libuvccamera/src/main/jni/rapidjson/thirdparty/yajl/src/yajl_tree.c
+++ b/libuvccamera/src/main/jni/rapidjson/thirdparty/yajl/src/yajl_tree.c
@@ -143,7 +143,7 @@ static yajl_val context_pop(context_t *ctx)
     ctx->stack = stack->next;
 
     v = stack->value;
-
+    free (stack->key);
     free (stack);
 
     return (v);
@@ -444,7 +444,14 @@ yajl_val yajl_tree_parse (const char *input,
                                         (const unsigned char *) input,
                                         strlen(input)));
         }
+        while(ctx.stack != NULL) {
+             yajl_val v = context_pop(&ctx);
+             yajl_tree_free(v);
+        }
         yajl_free (handle);
+        //If the requested memory is not released in time, it will cause memory leakage
+        if(ctx.root)
+            yajl_tree_free(ctx.root);
         return NULL;
     }