libyaml

Fix heap buffer overflow in function yaml_emitter_emit_flow_sequence_…

Open ziyangc97 opened this issue 3 years ago • 1 comments

…item, related issue: https://github.com/yaml/libyaml/issues/258

ziyangc97, Nov 25 '22 04:11

In this PR, I am not sure what to do when the STACK_EMPTY check fails. Are we going to print an error log and return to end the process, or do we set indent to 0 and continue the process?

ziyangc97, Dec 02 '22 03:12

Do you know how the problem can be reproduced?

perlpunk, Apr 03 '24 11:04

As mentioned in #258, I think this shouldn't even happen, and something is wrong already before. The state machine should not get into this position. So I think this wouldn't fix it.

perlpunk, Apr 04 '24 17:04

I think #290 is a more general fix for this

perlpunk, Apr 08 '24 22:04

Closing this as it would only be a partial fix (same problem in yaml_emitter_emit_flow_mapping_key), and actually this code shouldn't be called anyway as it only happens when calling yaml_emitter_close after a failing yaml_emitter_dump, see comments in https://github.com/yaml/libyaml/issues/258#issuecomment-2058613931

perlpunk, Apr 18 '24 11:04
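The two options asked about in the thread for an empty indent stack, shown side by side as an added example. This is a simplified C model, not libyaml code and not code from this PR; every name in it (`model_emitter`, `model_seq_start`, `model_seq_end`, `MODEL_FAIL`, `MODEL_RESET`) is hypothetical.

```c
/* Simplified model of an emitter's indent stack. Not libyaml source;
 * every name here is hypothetical. */
#define MODEL_DEPTH 8

typedef enum { MODEL_FAIL, MODEL_RESET } model_policy;

typedef struct {
    int slots[MODEL_DEPTH]; /* saved indentation levels */
    int *top;               /* next free slot; == slots when empty */
    int indent;             /* current indentation */
    int failed;             /* sticky flag, set by the first error */
    model_policy on_empty;  /* what to do when a pop finds no entry */
} model_emitter;

void model_init(model_emitter *e, model_policy p)
{
    e->top = e->slots;
    e->indent = 0;
    e->failed = 0;
    e->on_empty = p;
}

/* Start of a flow sequence: save the current indent, then increase it. */
int model_seq_start(model_emitter *e)
{
    if (e->failed) return 0;
    if (e->top == e->slots + MODEL_DEPTH) { e->failed = 1; return 0; }
    *e->top++ = e->indent;
    e->indent += 2;
    return 1;
}

/* End of a flow sequence: restore the saved indent. Without the empty
 * check, *--e->top would read memory before the start of the buffer. */
int model_seq_end(model_emitter *e)
{
    if (e->failed) return 0;            /* refuse to run after a failure */
    if (e->top == e->slots) {
        if (e->on_empty == MODEL_RESET) { e->indent = 0; return 1; }
        e->failed = 1;                  /* MODEL_FAIL: report and stop */
        return 0;
    }
    e->indent = *--e->top;
    return 1;
}
```

With `MODEL_FAIL` the unbalanced call is reported to the caller and all later calls are refused; with `MODEL_RESET` emission continues from indent 0 and the inconsistent state that led to the empty stack goes unreported.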