libjson-c: backport security fixes

This backports upstream fixes for the out of bounds write vulnerability in json-c.
It was reported and patches in this upstream PR: https://github.com/json-c/json-c/pull/592

Addresses CVE-2020-12762

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

1 files changed, 32 insertions, 0 deletions

diff --git a/package/libs/libjson-c/patches/002-Prevent-division-by-zero-in-linkhash.patch b/package/libs/libjson-c/patches/002-Prevent-division-by-zero-in-linkhash.patch
new file mode 100644
index 0000000000..d37fe5857b
--- /dev/null
+++ b/package/libs/libjson-c/patches/002-Prevent-division-by-zero-in-linkhash.patch
@@ -0,0 +1,32 @@
+From 77d935b7ae7871a1940cd827e850e6063044ec45 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Mon, 4 May 2020 19:46:45 +0200
+Subject: [PATCH 2/2] Prevent division by zero in linkhash.
+
+If a linkhash with a size of zero is created, then modulo operations
+are prone to division by zero operations.
+
+Purely protective measure against bad usage.
+---
+ linkhash.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+--- a/linkhash.c
++++ b/linkhash.c
+@@ -12,6 +12,7 @@
+ 
+ #include "config.h"
+ 
++#include <assert.h>
+ #include <stdio.h>
+ #include <string.h>
+ #include <stdlib.h>
+@@ -498,6 +499,8 @@ struct lh_table* lh_table_new(int size,
+ 	int i;
+ 	struct lh_table *t;
+ 
++  /* Allocate space for elements to avoid divisions by zero. */
++  assert(size > 0);
+ 	t = (struct lh_table*)calloc(1, sizeof(struct lh_table));
+ 	if (!t)
+ 		return NULL;