From: Jay Satiro <raysatiro@yahoo.com>
Date: Fri, 29 Sep 2023 07:15:19 +0000 (-0400)
Subject: idn: fix WinIDN null ptr deref on bad host
X-Git-Tag: curl-8_4_0~37
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=021d04f2916cd82c3728a68514b090077bce9651;p=thirdparty%2Fcurl.git

idn: fix WinIDN null ptr deref on bad host

- Return CURLE_URL_MALFORMAT if IDN hostname cannot be converted from
  UTF-8 to UTF-16.

Prior to this change a failed conversion erroneously returned CURLE_OK
which meant 'decoded' pointer (what would normally point to the
punycode) would not be written to, remain NULL and be dereferenced
causing an access violation.

Closes https://github.com/curl/curl/pull/11983
---

diff --git a/lib/idn.c b/lib/idn.c
index 475d9c9beb..a024691d1f 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -91,6 +91,8 @@ static CURLcode win32_idn_to_ascii(const char *in, char **out)
     else
       return CURLE_URL_MALFORMAT;
   }
+  else
+    return CURLE_URL_MALFORMAT;
 
   return CURLE_OK;
 }