38 lines
1.0 KiB
Diff
38 lines
1.0 KiB
Diff
From 3530bcc30350d4a6ccf35d2f7b33e23292b9de70 Mon Sep 17 00:00:00 2001
|
|
From: Ben Noordhuis <info@bnoordhuis.nl>
|
|
Date: Thu, 18 Jan 2024 14:52:38 +0100
|
|
Subject: [PATCH] fix: reject zero-length idna inputs
|
|
|
|
Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
|
|
---
|
|
src/idna.c | 3 +++
|
|
test/test-idna.c | 1 +
|
|
2 files changed, 4 insertions(+)
|
|
|
|
diff --git a/src/idna.c b/src/idna.c
|
|
index 4638546d020..efc5f283ce2 100644
|
|
--- a/src/idna.c
|
|
+++ b/src/idna.c
|
|
@@ -322,6 +322,9 @@ ssize_t uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
|
|
char* ds;
|
|
int rc;
|
|
|
|
+ if (s == se)
|
|
+ return UV_EINVAL;
|
|
+
|
|
ds = d;
|
|
|
|
si = s;
|
|
diff --git a/test/test-idna.c b/test/test-idna.c
|
|
index 5f8d696a7f0..3c4820f7659 100644
|
|
--- a/test/test-idna.c
|
|
+++ b/test/test-idna.c
|
|
@@ -115,6 +115,7 @@ TEST_IMPL(utf8_decode1_overrun) {
|
|
ASSERT_PTR_EQ(p, b + 1);
|
|
|
|
b[0] = 0x7F;
|
|
+ ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 0, c, c + 1));
|
|
ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 1, c, c + 1));
|
|
|
|
return 0;
|