The second call to newlocale() with LC_TIME accidentally made things
 work because LC_TIME == LC_NUMERIC_MASK on some platforms.

Add several additional test cases for partial parsing of infinity values.

2.replace json_object_get/put API with json_object_retain/release, as they operate the reference counter, and confused with array_list_get/put_idx.
3.replace array_list_get/put_idx API with array_list_get/insert to make them more clear to use.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

This reverts commit aaba8c1080.

This commit breaks builddir != srcdir build, but, more importantly, it
also adds a dependency on a header, "config.h", which is not installed
and it's supposed to be private — since it's generated at configuration
time and it's not meant to be used by projects compiling against a
library.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

Also undo NULL check in json_tokener_set_flags(): it's not at all valid toi
 try to set flags on a NULL pointer, and doing so should not be silently
 ignored.

Also, be sure the right locale_t is freed if we fail on the second uselocale.
Finally, fix test_locale so it *doesn't* use json_object_to_json_string as
 that will simple re-emit the original parsed string values.

This fix errors that can happen when ingesting very large JSON files
when hitting the maximum heap size of the process.

Tightening the number parsing algorithm

Some badly formated "numbers" could get partly parsed,
resulting in truncated results instead of raising an
error.

Examples :
 '1.2.3'      -> (double)1.2
 '2015-01-15' -> (int)2015

This patch is not perfect (ex: input can still end with a 'E', which
is forbidden by json.org doc) but should avoid non-sensically
formated input.

Tests added.

Eliminate all uses of bits.h within the json-c code.

* CVE-2013-6371: hash collision denial of service
* CVE-2013-6370: buffer overflow if size_t is larger than int

Only allow lowercase literals in STRICT mode

Add json_object_free_userdata() and json_object_userdata_to_json_string() too.

Remove redefinition of strndup() which is no longer used in the codebase

more strictness

Found by Coverity. The number of elements of an array 'ar' is found by
sizeof(ar)/sizeof(ar[0]) and not sizeof(ar)

76const char *json_tokener_error_desc(enum json_tokener_error jerr)
 77{
 78        int jerr_int = (int)jerr;

1. Condition "jerr_int < 0", taking false branch

2. Condition "jerr_int > 112 /* (int)sizeof (gdal_json_tokener_errors) */", taking false branch
 79        if (jerr_int < 0 || jerr_int > (int)sizeof(json_tokener_errors))
 80                return "Unknown error, invalid json_tokener_error value passed to json_tokener_error_desc()";

CID 1076806 (#1 of 1): Out-of-bounds read (OVERRUN)3. overrun-local: Overrunning array "gdal_json_tokener_errors" of 14 8-byte elements at element index 112 (byte offset 896) using index "jerr" (which evaluates to 112).
 81        return json_tokener_errors[jerr];
 82}