From 1eadb6ee25388ea29c23d286ef561a8353931adf Mon Sep 17 00:00:00 2001
From: zhangzhangxin
Date: Fri, 28 Apr 2023 10:59:43 +0800
Subject: [PATCH 1/2] sync:Issue 1182: Fix fuzzing bug
Signed-off-by: zhangzhangxin
---
 0001-sync-Issue-1182-Fix-fuzzing-bug.patch | 40 ++++++++++++++++++++++
 jsoncpp.spec | 6 +++-
 2 files changed, 45 insertions(+), 1 deletion(-)
 create mode 100644 0001-sync-Issue-1182-Fix-fuzzing-bug.patch
diff --git a/0001-sync-Issue-1182-Fix-fuzzing-bug.patch b/0001-sync-Issue-1182-Fix-fuzzing-bug.patch
new file mode 100644
index 0000000..79374d4
--- /dev/null
+++ b/0001-sync-Issue-1182-Fix-fuzzing-bug.patch
@@ -0,0 +1,40 @@
+From 0398d63a8435d5b8f71f07aa8c42e7d65815f97e Mon Sep 17 00:00:00 2001
+From: zhangzhangxin
+Date: Fri, 28 Apr 2023 10:50:40 +0800
+Subject: [PATCH] sync:Issue 1182: Fix fuzzing bug
+
+Signed-off-by: zhangzhangxin
+---
+ src/lib_json/json_reader.cpp | 7 +++++--
+ test/data/fail_invalid_quote.json | 1 +
+ 2 files changed, 6 insertions(+), 2 deletions(-)
+ create mode 100644 test/data/fail_invalid_quote.json
+
+diff --git a/src/lib_json/json_reader.cpp b/src/lib_json/json_reader.cpp
+index 23cbe60..19922a8 100644
+--- a/src/lib_json/json_reader.cpp
++++ b/src/lib_json/json_reader.cpp
+@@ -1175,8 +1175,11 @@ bool OurReader::readToken(Token& token) {
+ if (features_.allowSingleQuotes_) {
+ token.type_ = tokenString;
+ ok = readStringSingleQuote();
+- break;
+- } // else fall through
++ } else {
++ // If we don't allow single quotes, this is a failure case.
++ ok = false;
++ }
++ break;
+ case '/':
+ token.type_ = tokenComment;
+ ok = readComment();
+diff --git a/test/data/fail_invalid_quote.json b/test/data/fail_invalid_quote.json
+new file mode 100644
+index 0000000..0dd76ed
+--- /dev/null
++++ b/test/data/fail_invalid_quote.json
+@@ -0,0 +1 @@
++{'//this is bad JSON.'}
+--
+2.40.0.windows.1
+
diff --git a/jsoncpp.spec b/jsoncpp.spec
index 83d4cea..aa1f6fb 100644
--- a/jsoncpp.spec
+++ b/jsoncpp.spec
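Review bot: The patch header added by the `@@ -0,0 +1,40 @@` hunk (`+From:`, `+Subject:`) gives no reference to the upstream jsoncpp change it syncs, so the backport cannot be checked against its origin from the package alone; a line such as `Upstream: <upstream-commit-url>` ahead of the `---` separator would close that gap. In the embedded `json_reader.cpp` change, the new comment says the quote is a failure case but not why the old fall-through was removed; `// Reject the quote here: falling through would hand it to readComment() as if it were '/'.` records the reason next to the `else`. The `case` label above the `if` and the code after the `switch` are outside the embedded hunk, so how `ok = false` is reported to the caller cannot be confirmed from here.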
@@ -1,11 +1,12 @@ Name: jsoncpp Version: 1.9.3 -Release: 2 +Release: 3 Summary: JSON C++ library License: Public Domain or MIT URL: https://github.com/open-source-parsers/jsoncpp Source0: https://github.com/open-source-parsers/jsoncpp/archive/%{version}/%{name}-%{version}.tar.gz BuildRequires: gcc-c++ cmake >= 3.1 python3-devel +Patch0: 0001-sync-Issue-1182-Fix-fuzzing-bug.patch %description JsonCpp is a C++ library that allows manipulating JSON values, @@ -87,6 +88,9 @@ hardlink -cfv %{buildroot}%{_docdir}/%{name} %changelog +* Fri Apr 28 2023 zhujunhao - 1.9.3-3 +- Issue 1182: Fix fuzzing bug + * Thu Sep 24 2020 tianwei - 1.9.3-2 - Type:update - ID:NA -- Gitee From 9d51aaeaf3ffd66ba8d27e390620311cf06344bc Mon Sep 17 00:00:00 2001 From: zhangzhangxin Date: Fri, 28 Apr 2023 11:08:53 +0800 Subject: [PATCH 2/2] Issue 1182: Fix fuzzing bug Signed-off-by: zhangzhangxin --- jsoncpp.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jsoncpp.spec b/jsoncpp.spec index aa1f6fb..f0b3def 100644 --- a/jsoncpp.spec +++ b/jsoncpp.spec @@ -88,7 +88,7 @@ hardlink -cfv %{buildroot}%{_docdir}/%{name} %changelog -* Fri Apr 28 2023 zhujunhao - 1.9.3-3 +* Fri Apr 28 2023 zhangxin - 1.9.3-3 - Issue 1182: Fix fuzzing bug * Thu Sep 24 2020 tianwei - 1.9.3-2 -- Gitee
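Review bot: The first `jsoncpp.spec` hunk (`@@ -1,11 +1,12 @@`) declares `Patch0:`, but neither patch in this series changes `%prep`, which lies outside the hunks shown. If `%prep` does not already apply patches automatically (for example through `%autosetup -p1`), the reader fix would be listed in the spec yet missing from the built library, so either add `%patch0 -p1` after `%setup` or confirm the existing `%prep` applies it. It is also worth confirming that the build runs the jsoncpp tests in `%check`, so the new `fail_invalid_quote.json` case is exercised; that section is not visible here either.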