program abort by "lh_table_new: calloc failed"

I have identified the same issue. Parsing a relatively small file may result in a calloc failure because lh_table_new attempts to allocate an incorrectly size block of memory. In my case it attempted to allocate over 68 GiB in a single allocation.

The cause seems to be the changes in the CVE patch:

json-c (0.12.1-1.3ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer overflows
    - debian/patches/CVE-2020-12762-*.patch: fix a series of
      integer overflows adding checks in linkhash.c, printbuf.c.
    - CVE-2020-12762

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 11 May 2020 16:29:02 -0300

Status changed to 'Confirmed' because the bug affects multiple users.

This bug affects programs such as GIMP. I could not launch it and I found this issue by searching "lh_table_new: calloc failed". Reverting back to libjson-c3 version 0.12.1-1.3 fixes the issue.

Seems to affect all software which uses this library.

Hi, thanks for report his issue. That issue was already reverted and a new version is available. Run apt-get update; apt-get upgrade -y , and it should install that last reverted version.

thank you, Leonidas.
I checked the program(and our products) running normally with reverted package.