| Andrew Geissler | 615f2f1 | 2022-07-15 14:00:58 -0500 | [diff] [blame^] | 1 | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355 |
| 2 | |
| 3 | CVE: CVE-2022-0530 |
| 4 | Upstream-Status: Inactive-Upstream [need a new release] |
| 5 | |
| 6 | diff --git a/fileio.c b/fileio.c |
| 7 | index 6290824..77e4b5f 100644 |
| 8 | --- a/fileio.c |
| 9 | +++ b/fileio.c |
| 10 | @@ -2361,6 +2361,9 @@ int do_string(__G__ length, option) /* return PK-type error code */ |
| 11 | /* convert UTF-8 to local character set */ |
| 12 | fn = utf8_to_local_string(G.unipath_filename, |
| 13 | G.unicode_escape_all); |
| 14 | + if (fn == NULL) |
| 15 | + return PK_ERR; |
| 16 | + |
| 17 | /* make sure filename is short enough */ |
| 18 | if (strlen(fn) >= FILNAMSIZ) { |
| 19 | fn[FILNAMSIZ - 1] = '\0'; |
| 20 | diff --git a/process.c b/process.c |
| 21 | index d2a846e..715bc0f 100644 |
| 22 | --- a/process.c |
| 23 | +++ b/process.c |
| 24 | @@ -2605,6 +2605,8 @@ char *utf8_to_local_string(utf8_string, escape_all) |
| 25 | int escape_all; |
| 26 | { |
| 27 | zwchar *wide = utf8_to_wide_string(utf8_string); |
| 28 | + if (wide == NULL) |
| 29 | + return NULL; |
| 30 | char *loc = wide_to_local_string(wide, escape_all); |
| 31 | free(wide); |
| 32 | return loc; |
| 33 | |