idn: make macidn fail before trying conversion if name too long

author Daniel Stenberg <daniel@haxx.se>

Tue, 16 Jul 2024 16:40:13 +0000 (18:40 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Thu, 18 Jul 2024 12:47:54 +0000 (14:47 +0200)
author Daniel Stenberg <daniel@haxx.se>
Tue, 16 Jul 2024 16:40:13 +0000 (18:40 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Thu, 18 Jul 2024 12:47:54 +0000 (14:47 +0200)
diff --git a/lib/idn.c b/lib/idn.c

index 3d7c1d820cd82481721f03a98cb2cad984b8c8a0..ef55ddfec07c57efc2bb6f0068ce71734bb4ab35 100644 (file)
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -54,58 +54,56 @@
  #if defined(USE_APPLE_IDN)
  #include <unicode/uidna.h>
  
+#define MAX_HOST_LENGTH 512
+
  static CURLcode mac_idn_to_ascii(const char *in, char **out)
  {
-  UErrorCode err = U_ZERO_ERROR;
-  UIDNA* idna = uidna_openUTS46(
-    UIDNA_CHECK_BIDI|UIDNA_NONTRANSITIONAL_TO_ASCII, &err);
-  if(U_FAILURE(err)) {
-    return CURLE_OUT_OF_MEMORY;
-  }
-  else {
-    UIDNAInfo info = UIDNA_INFO_INITIALIZER;
-    char buffer[256] = {0};
-    (void)uidna_nameToASCII_UTF8(idna, in, -1, buffer,
-                                 sizeof(buffer) - 1, &info, &err);
-    uidna_close(idna);
-    if(U_FAILURE(err)) {
-      return CURLE_URL_MALFORMAT;
-    }
-    else {
-      *out = strdup(buffer);
-      if(*out)
-        return CURLE_OK;
-      else
-        return CURLE_OUT_OF_MEMORY;
+  size_t inlen = strlen(in);
+  if(inlen < MAX_HOST_LENGTH) {
+    UErrorCode err = U_ZERO_ERROR;
+    UIDNA* idna = uidna_openUTS46(
+      UIDNA_CHECK_BIDI|UIDNA_NONTRANSITIONAL_TO_ASCII, &err);
+    if(!U_FAILURE(err)) {
+      UIDNAInfo info = UIDNA_INFO_INITIALIZER;
+      char buffer[MAX_HOST_LENGTH] = {0};
+      (void)uidna_nameToASCII_UTF8(idna, in, -1, buffer,
+                                   sizeof(buffer) - 1, &info, &err);
+      uidna_close(idna);
+      if(!U_FAILURE(err)) {
+        *out = strdup(buffer);
+        if(*out)
+          return CURLE_OK;
+        else
+          return CURLE_OUT_OF_MEMORY;
+      }
      }
    }
+  return CURLE_URL_MALFORMAT;
  }
  
  static CURLcode mac_ascii_to_idn(const char *in, char **out)
  {
-  UErrorCode err = U_ZERO_ERROR;
-  UIDNA* idna = uidna_openUTS46(
-    UIDNA_CHECK_BIDI|UIDNA_NONTRANSITIONAL_TO_UNICODE, &err);
-  if(U_FAILURE(err)) {
-    return CURLE_OUT_OF_MEMORY;
-  }
-  else {
-    UIDNAInfo info = UIDNA_INFO_INITIALIZER;
-    char buffer[256] = {0};
-    (void)uidna_nameToUnicodeUTF8(idna, in, -1, buffer,
-                                  sizeof(buffer) - 1, &info, &err);
-    uidna_close(idna);
-    if(U_FAILURE(err)) {
-      return CURLE_URL_MALFORMAT;
-    }
-    else {
-      *out = strdup(buffer);
-      if(*out)
-        return CURLE_OK;
-      else
-        return CURLE_OUT_OF_MEMORY;
+  size_t inlen = strlen(in);
+  if(inlen < MAX_HOST_LENGTH) {
+    UErrorCode err = U_ZERO_ERROR;
+    UIDNA* idna = uidna_openUTS46(
+      UIDNA_CHECK_BIDI|UIDNA_NONTRANSITIONAL_TO_UNICODE, &err);
+    if(!U_FAILURE(err)) {
+      UIDNAInfo info = UIDNA_INFO_INITIALIZER;
+      char buffer[MAX_HOST_LENGTH] = {0};
+      (void)uidna_nameToUnicodeUTF8(idna, in, -1, buffer,
+                                    sizeof(buffer) - 1, &info, &err);
+      uidna_close(idna);
+      if(!U_FAILURE(err)) {
+        *out = strdup(buffer);
+        if(*out)
+          return CURLE_OK;
+        else
+          return CURLE_OUT_OF_MEMORY;
+      }
      }
    }
+  return CURLE_URL_MALFORMAT;
  }
  #endif
author	Daniel Stenberg <daniel@haxx.se>
	Tue, 16 Jul 2024 16:40:13 +0000 (18:40 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 18 Jul 2024 12:47:54 +0000 (14:47 +0200)