Fix for CVE-2024-24806

author sidpaswan <s.paswan@samsung.com>

Fri, 20 Sep 2024 13:49:00 +0000 (19:19 +0530)

committer Bot Blink <blinkbot@samsung.com>

Mon, 23 Sep 2024 04:29:18 +0000 (04:29 +0000)
author sidpaswan <s.paswan@samsung.com>
Fri, 20 Sep 2024 13:49:00 +0000 (19:19 +0530)
committer Bot Blink <blinkbot@samsung.com>
Mon, 23 Sep 2024 04:29:18 +0000 (04:29 +0000)
diff --git a/third_party/electron_node/deps/uv/src/idna.c b/third_party/electron_node/deps/uv/src/idna.c

index 93d982ca018f2d39d9c0ffab07998c2c637029eb..ce7f27469f4723bac4c0f5dab0b4b347128c13e7 100644 (file)
--- a/third_party/electron_node/deps/uv/src/idna.c
+++ b/third_party/electron_node/deps/uv/src/idna.c
@@ -308,8 +308,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
        return rc;
    }
  
-  if (d < de)
-    *d++ = '\0';
+  if (d >= de)
+    return UV_EINVAL;
  
+  *d++ = '\0';
    return d - ds;  /* Number of bytes written. */
  }
diff --git a/third_party/electron_node/deps/uv/test/test-idna.c b/third_party/electron_node/deps/uv/test/test-idna.c

index f4fad9653df2cfcaad504f737e8d38b45a3d1c4d..d079be55c6b11ec3068feac91ecbe15a9d265436 100644 (file)
--- a/third_party/electron_node/deps/uv/test/test-idna.c
+++ b/third_party/electron_node/deps/uv/test/test-idna.c
@@ -99,6 +99,7 @@ TEST_IMPL(utf8_decode1) {
  TEST_IMPL(utf8_decode1_overrun) {
    const char* p;
    char b[1];
+  char c[1];
  
    /* Single byte. */
    p = b;
@@ -112,6 +113,9 @@ TEST_IMPL(utf8_decode1_overrun) {
    ASSERT_EQ((unsigned) -1, uv__utf8_decode1(&p, b + 1));
    ASSERT_EQ(p, b + 1);
  
+  b[0] = 0x7F;
+  ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 1, c, c + 1));
+
    return 0;
  }
author	sidpaswan <s.paswan@samsung.com>
	Fri, 20 Sep 2024 13:49:00 +0000 (19:19 +0530)
committer	Bot Blink <blinkbot@samsung.com>
	Mon, 23 Sep 2024 04:29:18 +0000 (04:29 +0000)
third_party/electron_node/deps/uv/src/idna.c		patch \| blob \| history
third_party/electron_node/deps/uv/test/test-idna.c		patch \| blob \| history