aboutsummaryrefslogtreecommitdiffstats
path: root/libwc/ucs.c
diff options
context:
space:
mode:
authorTatsuya Kinoshita <tats@debian.org>2021-03-23 10:02:12 +0000
committerTatsuya Kinoshita <tats@debian.org>2021-03-23 10:02:12 +0000
commitf70cacbbd7e4c47a153181250382c4481f87c98d (patch)
treeb7efced5215d93b9b5aa98b61e853f892ec3384f /libwc/ucs.c
parentUpdate ChangeLog (diff)
downloadw3m-f70cacbbd7e4c47a153181250382c4481f87c98d.tar.gz
w3m-f70cacbbd7e4c47a153181250382c4481f87c98d.zip
Prevent unneeded memory allocation for language tags in libwc
cf. https://oss-fuzz.com/testcase-detail/6275874304425984 Bug-Chromium: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31397
Diffstat (limited to '')
-rw-r--r--libwc/ucs.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/libwc/ucs.c b/libwc/ucs.c
index 4fe020d..288014e 100644
--- a/libwc/ucs.c
+++ b/libwc/ucs.c
@@ -702,8 +702,13 @@ wtf_push_ucs(Str os, wc_uint32 ucs, wc_status *st)
if (! WcOption.use_language_tag)
return;
if (ucs == WC_C_LANGUAGE_TAG)
- st->tag = Strnew_size(MAX_TAG_LEN);
+ if (st->tag)
+ Strclear(st->tag);
+ else
+ st->tag = Strnew_size(MAX_TAG_LEN);
else if (ucs == WC_C_CANCEL_TAG) {
+ if (st->tag)
+ Strfree(st->tag);
st->tag = NULL;
st->ntag = 0;
} else if (st->tag && st->tag->length < MAX_TAG_LEN &&