From 1023a9ad12d146608ba6326a3114f9b23b812124 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20R=C3=BChsen?= Date: Sat, 15 Jan 2022 22:38:32 +0100 Subject: [PATCH] Fix stack buffer overflow WRITE 1 in domain_to_punycode() Reported-by: oss-fuzz (issue 39424 and issue 39226) The affected code would only be built into the library when configured to build without any IDNA library. --- src/psl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/psl.c b/src/psl.c index 0e04778..7bfc3cb 100644 --- a/src/psl.c +++ b/src/psl.c @@ -590,7 +590,7 @@ static int domain_to_punycode(const char *domain, char *out, size_t outsize) memcpy(out + outlen, "xn--", 4); outlen += 4; - labellen = outsize - outlen - 1; // -1 to leave space for the trailing \0 + labellen = outsize - outlen - (e != NULL) - 1; // -1 to leave space for the trailing \0 if (punycode_encode(inputlen, input, &labellen, out + outlen)) return 1; outlen += labellen; -- 2.33.5