CVE-2026-39956.patch
From e5c82a886d941ce534dfa1694b0d5e8f364a90fc Mon Sep 17 00:00:00 2001
From: tlsbollei <170938166+tlsbollei@users.noreply.github.com>
Date: Wed, 8 Apr 2026 21:43:46 +0200
Subject: [PATCH] Add runtime type checks to f_string_indexes
This fixes CVE-2026-39956.
Signed-off-by: Azure Linux Security Servicing Account <azurelinux-security@microsoft.com>
Upstream-reference: https://github.com/jqlang/jq/commit/fdf8ef0f0810e3d365cdd5160de43db46f57ed03.patch
---
src/builtin.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/src/builtin.c b/src/builtin.c
index 902490d..3cb8eb7 100644
--- a/src/builtin.c
+++ b/src/builtin.c
@@ -1212,6 +1212,14 @@ static jv f_string_explode(jq_state *jq, jv a) {
}
static jv f_string_indexes(jq_state *jq, jv a, jv b) {
+ if (jv_get_kind(a) != JV_KIND_STRING) {
+ jv_free(b);
+ return type_error(a, "cannot be searched, as it is not a string");
+ }
+ if (jv_get_kind(b) != JV_KIND_STRING) {
+ jv_free(a);
+ return type_error(b, "is not a string");
+ }
return jv_string_indexes(a, b);
}
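Review bot: The two guards added at the top of f_string_indexes carry no comment saying why they are needed or who owns the values on the early-return paths, and the diffstat shows only src/builtin.c changed, so no regression test travels with this backport. I would add above the first check something like `/* jv_string_indexes() assumes both arguments are strings; reject other kinds before calling it */`. It is also worth noting in that comment that each branch frees the argument it does not hand to type_error, which presumably consumes the value it is given (its definition is outside the hunk, so confirm). A test case that passes a non-string value in each argument position and expects the type error would keep the check from being silently dropped in a later rebase of the patch.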
--
2.45.4