From 110e3bd7a6e63e0c5c734d97a0a44ed5c1b6de7c Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff
Date: Tue, 31 Jul 2018 15:57:11 +0300
Subject: [PATCH] Fix double-free introduced by 577dc345
* src/utf8.c (utf8_convert): Don't store freed value in *output
---
 src/utf8.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/utf8.c b/src/utf8.c
index 168d636c..abf26bc2 100644
--- a/src/utf8.c
+++ b/src/utf8.c
@@ -65,7 +65,7 @@ bool
 utf8_convert (bool to_utf, char const *input, char **output)
 {
 char ICONV_CONST *ib;
- char *ob;
+ char *ob, *ret;
 size_t inlen;
 size_t outlen;
 iconv_t cd = utf8_init (to_utf);
@@ -80,14 +80,15 @@ utf8_convert (bool to_utf, char const *input, char **output)
 inlen = strlen (input) + 1;
 outlen = inlen * MB_LEN_MAX + 1;
- ob = *output = xmalloc (outlen);
+ ob = ret = xmalloc (outlen);
 ib = (char ICONV_CONST *) input;
 if (iconv (cd, &ib, &inlen, &ob, &outlen) == -1)
 {
- free (*output);
+ free (ret);
 return false;
 }
 *ob = 0;
+ *output = ret;
 return true;
 }
-- 
2.47.3
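Review bot: In the second hunk the new `*output = ret;` means `*output` is written only on success, but that ownership rule is stated nowhere, and the double-free being fixed looks like the result of caller and callee disagreeing about who frees the buffer. A comment on `utf8_convert` would record it, e.g. `/* On success store a malloc'ed, NUL-terminated result in *OUTPUT (caller frees); on failure leave *OUTPUT untouched. */`. The function body between the two hunks is not shown, so the wording should be checked against the early-return paths there. Separately, the unchanged context line `outlen = inlen * MB_LEN_MAX + 1;` feeds `xmalloc` without an overflow check on the multiplication, which may matter only for very large inputs but is worth a guard or a comment saying why it cannot wrap.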