summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnkur Tyagi <ankur.tyagi85@gmail.com>2026-04-27 01:03:45 +1200
committerAnuj Mittal <anuj.mittal@oss.qualcomm.com>2026-04-29 10:14:29 +0530
commit6cbaf81a019c8d995d67370251a755e6a14f6884 (patch)
tree2f7f707bc8a545daaf41990355b480da0267f142
parent18de8de0ef441e05deeccb319658696202b02ad8 (diff)
downloadmeta-openembedded-6cbaf81a019c8d995d67370251a755e6a14f6884.tar.gz
jq: patch CVE-2026-33948
Details: https://nvd.nist.gov/vuln/detail/CVE-2026-33948 Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com> Signed-off-by: Anuj Mittal <anuj.mittal@oss.qualcomm.com>
-rw-r--r--meta-oe/recipes-devtools/jq/jq/CVE-2026-33948.patch51
-rw-r--r--meta-oe/recipes-devtools/jq/jq_1.7.1.bb1
2 files changed, 52 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/jq/jq/CVE-2026-33948.patch b/meta-oe/recipes-devtools/jq/jq/CVE-2026-33948.patch
new file mode 100644
index 0000000000..a2aabec059
--- /dev/null
+++ b/meta-oe/recipes-devtools/jq/jq/CVE-2026-33948.patch
@@ -0,0 +1,51 @@
1From 4676c3e5675ba6e8422b021375acbd7c0ba450b0 Mon Sep 17 00:00:00 2001
2From: itchyny <itchyny@cybozu.co.jp>
3Date: Mon, 13 Apr 2026 08:46:11 +0900
4Subject: [PATCH] Fix NUL truncation in the JSON parser
5
6This fixes CVE-2026-33948.
7
8(cherry picked from commit 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b)
9
10CVE: CVE-2026-33948
11Upstream-Status: Backport [https://github.com/jqlang/jq/commit/6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b]
12Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
13---
14 src/util.c | 8 +-------
15 tests/shtest | 6 ++++++
16 2 files changed, 7 insertions(+), 7 deletions(-)
17
18diff --git a/src/util.c b/src/util.c
19index de44fa6..422a8b8 100644
20--- a/src/util.c
21+++ b/src/util.c
22@@ -311,13 +311,7 @@ static int jq_util_input_read_more(jq_util_input_state *state) {
23 if (p != NULL)
24 state->current_line++;
25
26- if (p == NULL && state->parser != NULL) {
27- /*
28- * There should be no NULs in JSON texts (but JSON text
29- * sequences are another story).
30- */
31- state->buf_valid_len = strlen(state->buf);
32- } else if (p == NULL && feof(state->current_input)) {
33+ if (p == NULL && feof(state->current_input)) {
34 size_t i;
35
36 /*
37diff --git a/tests/shtest b/tests/shtest
38index a471889..0397ca0 100755
39--- a/tests/shtest
40+++ b/tests/shtest
41@@ -609,4 +609,10 @@ $VALGRIND $Q $JQ . <<\NUM
42 -10E-1000000001
43 NUM
44
45+# CVE-2026-33948: No NUL truncation in the JSON parser
46+if printf '{}\x00{}' | $JQ >/dev/null 2> /dev/null; then
47+ printf 'Error expected but jq exited successfully\n' 1>&2
48+ exit 1
49+fi
50+
51 exit 0
diff --git a/meta-oe/recipes-devtools/jq/jq_1.7.1.bb b/meta-oe/recipes-devtools/jq/jq_1.7.1.bb
index ce7748f22c..ed1f36f6f1 100644
--- a/meta-oe/recipes-devtools/jq/jq_1.7.1.bb
+++ b/meta-oe/recipes-devtools/jq/jq_1.7.1.bb
@@ -18,6 +18,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/${BPN}-${PV}/${BPN}-${PV}.tar.gz \
18 file://CVE-2026-40164.patch \ 18 file://CVE-2026-40164.patch \
19 file://CVE-2026-32316.patch \ 19 file://CVE-2026-32316.patch \
20 file://CVE-2026-33947.patch \ 20 file://CVE-2026-33947.patch \
21 file://CVE-2026-33948.patch \
21 " 22 "
22SRC_URI[sha256sum] = "478c9ca129fd2e3443fe27314b455e211e0d8c60bc8ff7df703873deeee580c2" 23SRC_URI[sha256sum] = "478c9ca129fd2e3443fe27314b455e211e0d8c60bc8ff7df703873deeee580c2"
23 24