| commit | c9a51565214eece8f1053089739aea73145bfd6b | [log] [tgz] |
|---|---|---|
| author | Emanuele Torre <torreemanuele6@gmail.com> | Wed Dec 13 20:17:17 2023 +0100 |
| committer | GitHub <noreply@github.com> | Wed Dec 13 20:17:17 2023 +0100 |
| tree | 41897506f258105a10ca9bcdb965cd925b7446b6 | |
| parent | c5fd64ba975ee35df17bb0c335efb00bffce4d91 [diff] |
Merge pull request from GHSA-7hmr-442f-qc8j The unit allocated for decNumberCompare was accidentally removed by commit 680baeffeb7983e7570b5e68db07fe47f94db8c7 (PR #2804) This caused a stack overflow when comparing a nan with a payload of 1000 or more. This bug was found by OSS-fuzz. Ref: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64771 Fixes GHSA-7hmr-442f-qc8j It also fixes 1e999999999 > 1e-1147483646 triggering UBSAN errors Fixes #2968
jq is a lightweight and flexible command-line JSON processor akin to sed,awk,grep, and friends for JSON data. It's written in portable C and has zero runtime dependencies, allowing you to easily slice, filter, map, and transform structured data.
Download the latest releases from the GitHub release page.
Pull the jq image to start quickly with Docker.
git submodule update --init # if building from git to get oniguruma autoreconf -i # if building from git ./configure --with-oniguruma=builtin make -j8 make check sudo make install
Build a statically linked version:
make LDFLAGS=-all-static
If you‘re not using the latest git version but instead building a released tarball (available on the release page), skip the autoreconf step, and flex or bison won’t be needed.
For details on cross-compilation, check out the GitHub Actions file and the cross-compilation wiki page.
jq is released under the MIT License.