The security patches introduced in json-c-0.14-r2 introduce a serious regression as discussed here: https://github.com/json-c/json-c/issues/599 This is unsurprisingly causing problems for anything using json-c to create objects. For example: https://github.com/swaywm/sway/issues/5350 Reproducible: Always Steps to Reproduce: 1) Start sway 2) swaymsg -t get_workspaces Actual Results: Workspace 1 (off-screen) Output: (null) Layout: splith Representation: (null) Expected Results: Fields are not "(null)"
Patch for the problem: https://github.com/json-c/json-c/commit/519dfe1591d85432986f9762d41d1a883198c157
I can confirm that the patch works for me. Thanks
Just a heads up that this may notably be affecting Gimp when loading mypaint brushes (json files), user reported patch fixed it. https://forums.gentoo.org/viewtopic-t-1113276.html
Yep, same conclusion. Sample to reproduce: #include <err.h> #include <stdbool.h> #include <stdio.h> #include <json.h> int main(void) { struct json_object *root; char id[32]; if ((root = json_object_new_object()) == NULL) errx(1, "cannot create new JSON object"); for (size_t i = 0; i < 64; ++i) { snprintf(id, sizeof(id), "%lu", i); printf("adding boolean #%lu...\n", i); if (json_object_object_add(root, id, json_object_new_boolean(true)) != 0) errx(1, "cannot add boolean value %s to JSON object", id); } return 0; }
Ok, I can reporoduce this issue. I applied the upstream patch and opened a pull request for including it in the ebuild (https://github.com/gentoo/gentoo/pull/15852)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a80c36a0842224f29a28cb4c772da490996f5523 commit a80c36a0842224f29a28cb4c772da490996f5523 Author: Jakov Smolic <jakov.smolic@sartura.hr> AuthorDate: 2020-05-17 17:48:33 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2020-05-18 21:41:34 +0000 dev-libs/json-c: fix objects field limitation Bug: https://bugs.gentoo.org/723480 Closes: https://github.com/gentoo/gentoo/pull/15852 Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr> Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> .../files/json-c-0.14-object-limitation.patch | 93 ++++++++++++++++++++++ dev-libs/json-c/json-c-0.14-r3.ebuild | 54 +++++++++++++ 2 files changed, 147 insertions(+)
Guys, I merged the PR but left bug open. Please proceed with stabilization request for new revision.
(In reply to Georgy Yakovlev from comment #7) > Guys, I merged the PR but left bug open. > Please proceed with stabilization request for new revision. Let's just do it because of the wide breakage.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=232d480e031278248f55c2c84c102b0106a7b21a commit 232d480e031278248f55c2c84c102b0106a7b21a Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-05-19 09:58:32 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-05-19 09:59:46 +0000 dev-libs/json-c: rollover keywords Bug: https://bugs.gentoo.org/723480 Package-Manager: Portage-2.3.99, Repoman-2.3.22 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> dev-libs/json-c/json-c-0.14-r3.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Let's move stabilization back to security bug 722150.