Skip to content
Permalink
Browse files Browse the repository at this point in the history
Merge pull request from GHSA-g3x6-p824-x6hm
Fix Out-of-bound read in url_canonize2 and url_canonize3
  • Loading branch information
andywolk committed May 25, 2022
2 parents 907f2ac + 32a209f commit 51841eb
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions libsofia-sip-ua/url/url.c
Expand Up @@ -364,7 +364,12 @@ char *url_canonize2(char *d, char const * const s, size_t n,
continue;
}

h1 = s[i + 1], h2 = s[i + 2];
h1 = s[i + 1];
if (!h1) {
*d = '\0';
return NULL;
}
h2 = s[i + 2];

if (!IS_HEX(h1) || !IS_HEX(h2)) {
*d = '\0';
Expand Down Expand Up @@ -422,7 +427,12 @@ char *url_canonize3(char *d, char const * const s, size_t n,
continue;
}

h1 = s[i + 1], h2 = s[i + 2];
h1 = s[i + 1];
if (!h1) {
*d = '\0';
return NULL;
}
h2 = s[i + 2];

if (!IS_HEX(h1) || !IS_HEX(h2)) {
*d = '\0';
Expand Down

0 comments on commit 51841eb

Please sign in to comment.