From a066d4e152a10d31e82fdedb2e140056fc693250 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BC=A0=E6=94=80?= <zhangpan@cqsoftware.com.cn>
Date: Mon, 29 Sep 2025 15:26:09 +0800
Subject: [PATCH] Fix CVE-2025-57052
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: 张攀 <zhangpan@cqsoftware.com.cn>
(cherry picked from commit 53beb24dcc9a7fae930e94cf682b0a14e091d587)
---
 backport-CVE-2025-57052.patch | 23 +++++++++++++++++++++++
 cjson.spec                    |  6 +++++-
 2 files changed, 28 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2025-57052.patch

diff --git a/backport-CVE-2025-57052.patch b/backport-CVE-2025-57052.patch
new file mode 100644
index 0000000..7577888
--- /dev/null
+++ b/backport-CVE-2025-57052.patch
@@ -0,0 +1,23 @@
+From 74e1ff4994aa4139126967f6d289b675b4b36fef Mon Sep 17 00:00:00 2001
+From: Lee <peteralfredlee@gmail.com>
+Date: Fri, 5 Sep 2025 14:53:20 +0800
+Subject: [PATCH] fix the incorrect check in decode_array_index_from_pointer
+ (#957)
+
+this fixes CVE-2025-57052
+---
+ cJSON_Utils.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/cJSON_Utils.c b/cJSON_Utils.c
+index 63651dfb..8fa24f8e 100644
+--- a/cJSON_Utils.c
++++ b/cJSON_Utils.c
+@@ -282,7 +282,7 @@ static cJSON_bool decode_array_index_from_pointer(const unsigned char * const po
+         return 0;
+     }
+ 
+-    for (position = 0; (pointer[position] >= '0') && (pointer[0] <= '9'); position++)
++    for (position = 0; (pointer[position] >= '0') && (pointer[position] <= '9'); position++)
+     {
+         parsed_index = (10 * parsed_index) + (size_t)(pointer[position] - '0');
diff --git a/cjson.spec b/cjson.spec
index 05b7d25..2f0e53d 100644
--- a/cjson.spec
+++ b/cjson.spec
@@ -1,6 +1,6 @@
 Name:           cjson
 Version:        1.7.15
-Release:        10
+Release:        11
 Summary:        Ultralightweight JSON parser in ANSI C
  
 License:        MIT and ASL 2.0
@@ -17,6 +17,7 @@ Patch0007:  backport-Add-test-for-heap-buffer-overflow.patch
 Patch0008:  backport-Fix-heap-buffer-overflow.patch
 Patch0009:  backport-Set-free-d-pointers-to-NULL-whenever-they-are-not-re.patch
 Patch0010:  backport-CVE-2023-26819.patch
+Patch0011:  backport-CVE-2025-57052.patch
 
 BuildRequires:  gcc
 BuildRequires:  cmake
@@ -63,6 +64,9 @@ rm -f %{buildroot}%{_libdir}/cmake/cJSON/*.cmake
 %{_includedir}/cjson/
 
 %changelog
+* Mon Sep 29 2025 zhangpan <zhangpan@cqsoftware.com.cn> - 1.7.15-11
+- Fix CVE-2025-57052
+
 * Tue Aug 05 2025 zhangpan <zhangpan@cqsoftware.com.cn> - 1.7.15-10
 - Fix CVE-2023-26819
 
-- 
Gitee