From 021d04f2916cd82c3728a68514b090077bce9651 Mon Sep 17 00:00:00 2001 From: Jay Satiro Date: Fri, 29 Sep 2023 03:15:19 -0400 Subject: [PATCH] idn: fix WinIDN null ptr deref on bad host - Return CURLE_URL_MALFORMAT if IDN hostname cannot be converted from UTF-8 to UTF-16. Prior to this change a failed conversion erroneously returned CURLE_OK which meant 'decoded' pointer (what would normally point to the punycode) would not be written to, remain NULL and be dereferenced causing an access violation. Closes https://github.com/curl/curl/pull/11983 --- lib/idn.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/idn.c b/lib/idn.c index 475d9c9beb..a024691d1f 100644 --- a/lib/idn.c +++ b/lib/idn.c @@ -91,6 +91,8 @@ static CURLcode win32_idn_to_ascii(const char *in, char **out) else return CURLE_URL_MALFORMAT; } + else + return CURLE_URL_MALFORMAT; return CURLE_OK; } -- 2.47.3