Fix a buffer overflow / heap corruption issue that could occur if a

malformed JSON string was passed on the control channel.  This issue,
present in the cJSON library, was already fixed upstream, so was
addressed here in iperf3 by importing a newer version of cJSON (plus
local ESnet modifications).

Discovered and reported by Dave McDaniel, Cisco Talos.

Based on a patch by @dopheide-esnet, with input from @DaveGamble.

Cross-references:  TALOS-CAN-0164, ESNET-SECADV-2016-0001,
CVE-2016-4303

(cherry picked from commit ed94082)
Signed-off-by: Bruce A. Mah <[email protected]>

Author: bmah888

configure.ac

@@ -62,6 +62,12 @@ AC_HEADER_STDC
 # Check for systems which need -lsocket and -lnsl
 #AX_LIB_SOCKET_NSL
 
+# Check for the math library (needed by cjson on some platforms)
+AC_SEARCH_LIBS(floor, [m], [], [
+echo "floor()"
+exit 1
+])
+
 # Solaris puts nanosleep in -lrt
 AC_SEARCH_LIBS(nanosleep, [rt], [], [
 echo "nanosleep() required for timing operations."