From 28a58f9c53fd7b1d4dc62004d5060a54d68c3436 Mon Sep 17 00:00:00 2001
From: ziyangc <chenziyang4@huawei.com>
Date: Fri, 18 Nov 2022 18:37:22 +0800
Subject: [PATCH] fix heap buffer overflow in
 yaml-emitter-emit-flow-sequence-item

(cherry picked from commit 76cdd441b70ebff67cb8c51a5a1078ecdfd72c94)
---
 ...-overflow-error-in-yaml-emitter-emit.patch | 32 +++++++++++++++++++
 libyaml.spec                                  |  6 +++-
 2 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch

diff --git a/fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch b/fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch
new file mode 100644
index 0000000..8d13f7c
--- /dev/null
+++ b/fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch
@@ -0,0 +1,32 @@
+From cbd860b8e62ec0dc85d4d76a9a8900a3db9c740c Mon Sep 17 00:00:00 2001
+From: chenziyang <chenziyang4@huawei.com>
+Date: Tue, 8 Nov 2022 11:15:36 +0800
+Subject: [PATCH] Fix heap buffer overflow error in
+ yaml_emitter_emit_flow_sequence_item function
+ 
+---
+ src/emitter.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+ 
+diff --git a/src/emitter.c b/src/emitter.c
+index 609b28a..336bfd1 100644
+--- a/src/emitter.c
++++ b/src/emitter.c
+@@ -758,7 +758,13 @@ yaml_emitter_emit_flow_sequence_item(yaml_emitter_t *emitter,
+     if (event->type == YAML_SEQUENCE_END_EVENT)
+     {
+         emitter->flow_level --;
+-        emitter->indent = POP(emitter, emitter->indents);
++        if (!STACK_EMPTY(emitter, emitter->indents)) {
++            emitter->indent = POP(emitter, emitter->indents);
++        }
++        else {
++            emitter->indent = 0; // set to default
++        }
++
+         if (emitter->canonical && !first) {
+             if (!yaml_emitter_write_indicator(emitter, ",", 0, 0, 0))
+                 return 0;
+-- 
+2.21.0.windows.1
+
diff --git a/libyaml.spec b/libyaml.spec
index 0ea19db..2c125bd 100644
--- a/libyaml.spec
+++ b/libyaml.spec
@@ -1,12 +1,13 @@
 Name:       libyaml
 Version:    0.2.5
-Release:    3
+Release:    4
 Summary:    A C library for parsing and emitting YAML
 License:    MIT
 URL:        http://pyyaml.org/
 Source0:    http://pyyaml.org/download/libyaml/yaml-%{version}.tar.gz
 
 Patch0:     fix-heap-buffer-overflow-in-yaml_emitter_emit_flow_m.patch 
+Patch1:     fix-heap-buffer-overflow-error-in-yaml-emitter-emit.patch
 
 BuildRequires:  gcc
 
@@ -67,6 +68,9 @@ make check
 %doc doc/html
 
 %changelog
+* Fri Nov 18 2022 chenziyang <chenziyang4@huawei.com> - 0.2.5-4
+- Fix heap buffer overflow in yaml_emitter_emit_flow_sequence_item
+
 * Mon Apr 18 2022 panxiaohe <panxh.life@foxmail.com> - 0.2.5-3
 - fix heap buffer overflow in yaml_emitter_emit_flow_mapping_key
 
-- 
Gitee