| https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355 |
| |
| CVE: CVE-2022-0530 |
| Upstream-Status: Inactive-Upstream [need a new release] |
| |
| diff --git a/fileio.c b/fileio.c |
| index 6290824..77e4b5f 100644 |
| --- a/fileio.c |
| +++ b/fileio.c |
| @@ -2361,6 +2361,9 @@ int do_string(__G__ length, option) /* return PK-type error code */ |
| /* convert UTF-8 to local character set */ |
| fn = utf8_to_local_string(G.unipath_filename, |
| G.unicode_escape_all); |
| + if (fn == NULL) |
| + return PK_ERR; |
| + |
| /* make sure filename is short enough */ |
| if (strlen(fn) >= FILNAMSIZ) { |
| fn[FILNAMSIZ - 1] = '\0'; |
| diff --git a/process.c b/process.c |
| index d2a846e..715bc0f 100644 |
| --- a/process.c |
| +++ b/process.c |
| @@ -2605,6 +2605,8 @@ char *utf8_to_local_string(utf8_string, escape_all) |
| int escape_all; |
| { |
| zwchar *wide = utf8_to_wide_string(utf8_string); |
| + if (wide == NULL) |
| + return NULL; |
| char *loc = wide_to_local_string(wide, escape_all); |
| free(wide); |
| return loc; |
| |