From 8c058a820afe71073823364d29ff22ed0ac34de5 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 2 Nov 2023 10:52:46 +0100
Subject: [PATCH] hsts: skip single-dot hostname

Reported-by: Maksymilian Arciemowicz

Closes #12247
---
 lib/hsts.c | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/lib/hsts.c b/lib/hsts.c
index 7ecf0042a5..6fac2b7c04 100644
--- a/lib/hsts.c
+++ b/lib/hsts.c
@@ -40,6 +40,7 @@
 #include "fopen.h"
 #include "rename.h"
 #include "share.h"
+#include "strdup.h"
 
 /* The last 3 #include files should be in this order */
 #include "curl_printf.h"
@@ -116,22 +117,30 @@ static CURLcode hsts_create(struct hsts *h,
                             bool subdomains,
                             curl_off_t expires)
 {
-  struct stsentry *sts = hsts_entry();
+  struct stsentry *sts;
   char *duphost;
   size_t hlen;
+  DEBUGASSERT(h);
+  DEBUGASSERT(hostname);
+
+  hlen = strlen(hostname);
+  if(hlen && (hostname[hlen - 1] == '.'))
+    /* strip off any trailing dot */
+    --hlen;
+  if(!hlen)
+    /* no host name left */
+    return CURLE_BAD_FUNCTION_ARGUMENT;
+
+  sts = hsts_entry();
   if(!sts)
     return CURLE_OUT_OF_MEMORY;
 
-  duphost = strdup(hostname);
+  duphost = Curl_memdup(hostname, hlen + 1);
   if(!duphost) {
     free(sts);
     return CURLE_OUT_OF_MEMORY;
   }
-
-  hlen = strlen(duphost);
-  if(duphost[hlen - 1] == '.')
-    /* strip off trailing any dot */
-    duphost[--hlen] = 0;
+  duphost[hlen] = 0; /* might remove a dot */
 
   sts->host = duphost;
   sts->expires = expires;
-- 
2.47.3