From f70cacbbd7e4c47a153181250382c4481f87c98d Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita
Date: Tue, 23 Mar 2021 19:02:12 +0900
Subject: Prevent unneeded memory allocation for language tags in libwc
cf. https://oss-fuzz.com/testcase-detail/6275874304425984
Bug-Chromium: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31397
---
 libwc/ucs.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'libwc')
diff --git a/libwc/ucs.c b/libwc/ucs.c
index 4fe020d..288014e 100644
--- a/libwc/ucs.c
+++ b/libwc/ucs.c
@@ -702,8 +702,13 @@ wtf_push_ucs(Str os, wc_uint32 ucs, wc_status *st)
 if (! WcOption.use_language_tag)
 return;
 if (ucs == WC_C_LANGUAGE_TAG)
- st->tag = Strnew_size(MAX_TAG_LEN);
+ if (st->tag)
+ Strclear(st->tag);
+ else
+ st->tag = Strnew_size(MAX_TAG_LEN);
 else if (ucs == WC_C_CANCEL_TAG) {
+ if (st->tag)
+ Strfree(st->tag);
 st->tag = NULL;
 st->ntag = 0;
 } else if (st->tag && st->tag->length < MAX_TAG_LEN &&
-- cgit v1.2.3
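Review bot: The new `Strfree(st->tag)` in the `WC_C_CANCEL_TAG` branch makes this function the sole owner of the tag buffer, which is only safe if no copy of the `wc_status` (or any other holder) still references the same `Str`; the hunk does not show that, so it should be confirmed, since a stale copy that later appends a tag character would write into freed memory. A comment above the free such as `/* st->tag is owned exclusively by this wc_status; no copy may outlive a CANCEL TAG */` would record the assumption for the next reader. Separately, the unbraced `if (st->tag) ... else ...` placed directly under `if (ucs == WC_C_LANGUAGE_TAG)` depends on else-binding to attach the following `else if` to the outer `if`; it parses as intended, but bracing the outer branch, `if (ucs == WC_C_LANGUAGE_TAG) {` ... `} else if (ucs == WC_C_CANCEL_TAG) {`, removes the dangling-else hazard and the compiler warning that goes with it. The body of wtf_push_ucs starts and ends outside the hunk, so whether `st->ntag` also needs resetting when an existing tag is cleared and reused cannot be judged from here.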