Sarat Chandra Addepalli <s.addepa...@samsung.com> writes: > Hello. > > > > In the function idna_to_ascii_4i() in lib/idna.c, at the end of step > 2, the call src = stringprep_utf8_to_ucs4(p, -1, NULL) may result in > a NULL return. This needs to be checked, and if that's the case, p > needs to be freed and the function should return with an #Idna_rc > error code. IMHO, NULL return occurs only in the case of a malloc > fail (due to g_malloc() in the function g_utf8_to_ucs4_fast), so the > error code should be IDNA_MALLOC_ERROR.
Hello, Thanks for the report! I agree with your analysis and patch. I have applied it to git master for the next release. /Simon > diff --git a/lib/idna.c b/lib/idna.c > index 9ab413c..12889cd 100644 > --- a/lib/idna.c > +++ b/lib/idna.c > @@ -154,6 +154,8 @@ idna_to_ascii_4i (const uint32_t * in, size_t inlen, char > *out, int flags) > src = stringprep_utf8_to_ucs4 (p, -1, NULL); > > free (p); > + if (!src) > + return IDNA_MALLOC_ERROR; > } > > step3: > > _______________________________________________ > Help-libidn mailing list > Help-libidn@gnu.org > https://lists.gnu.org/mailman/listinfo/help-libidn _______________________________________________ Help-libidn mailing list Help-libidn@gnu.org https://lists.gnu.org/mailman/listinfo/help-libidn
