Fix stack buffer overflow WRITE 1 in domain_to_punycode()
Reported-by: oss-fuzz (issue 39424 and issue 39226) The affected code would only be built into the library when configured to build without any IDNA library.
This commit is contained in:
parent
044b5ed5d4
commit
1023a9ad12
|
@ -590,7 +590,7 @@ static int domain_to_punycode(const char *domain, char *out, size_t outsize)
|
|||
memcpy(out + outlen, "xn--", 4);
|
||||
outlen += 4;
|
||||
|
||||
labellen = outsize - outlen - 1; // -1 to leave space for the trailing \0
|
||||
labellen = outsize - outlen - (e != NULL) - 1; // -1 to leave space for the trailing \0
|
||||
if (punycode_encode(inputlen, input, &labellen, out + outlen))
|
||||
return 1;
|
||||
outlen += labellen;
|
||||
|
|
Loading…
Reference in New Issue