diff options
author | Tatsuya Kinoshita <tats@debian.org> | 2021-03-23 10:02:12 +0000 |
---|---|---|
committer | Tatsuya Kinoshita <tats@debian.org> | 2021-03-23 10:02:12 +0000 |
commit | f70cacbbd7e4c47a153181250382c4481f87c98d (patch) | |
tree | b7efced5215d93b9b5aa98b61e853f892ec3384f /libwc/ucs.c | |
parent | Update ChangeLog (diff) | |
download | w3m-f70cacbbd7e4c47a153181250382c4481f87c98d.tar.gz w3m-f70cacbbd7e4c47a153181250382c4481f87c98d.zip |
Prevent unneeded memory allocation for language tags in libwc
cf. https://oss-fuzz.com/testcase-detail/6275874304425984
Bug-Chromium: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31397
Diffstat (limited to 'libwc/ucs.c')
-rw-r--r-- | libwc/ucs.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/libwc/ucs.c b/libwc/ucs.c index 4fe020d..288014e 100644 --- a/libwc/ucs.c +++ b/libwc/ucs.c @@ -702,8 +702,13 @@ wtf_push_ucs(Str os, wc_uint32 ucs, wc_status *st) if (! WcOption.use_language_tag) return; if (ucs == WC_C_LANGUAGE_TAG) - st->tag = Strnew_size(MAX_TAG_LEN); + if (st->tag) + Strclear(st->tag); + else + st->tag = Strnew_size(MAX_TAG_LEN); else if (ucs == WC_C_CANCEL_TAG) { + if (st->tag) + Strfree(st->tag); st->tag = NULL; st->ntag = 0; } else if (st->tag && st->tag->length < MAX_TAG_LEN && |