Fix CVE-2024-24806

Bug: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
Bug-Debian: https://bugs.debian.org/1063484
Origin: https://github.com/libuv/libuv
 git diff v1.48.0~5..v1.48.0~2

From upstream change log:
   Merge pull request from GHSA-f74f-cvh7-c6q6
    * fix: always zero-terminate idna output
    * fix: reject zero-length idna inputs
    * test: empty strings are not valid IDNA

See also https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
===================================================================

Gbp-Pq: Topic libuv
Gbp-Pq: Name fix-cve-2024-24806

diff --git a/deps/uv/src/idna.c b/deps/uv/src/idna.c
index 93d982ca018f2d39d9c0ffab07998c2c637029eb..858b19d00ee4239879357f2ec0231cb6d84e4186 100644 (file)
--- a/deps/uv/src/idna.c
+++ b/deps/uv/src/idna.c
@@ -274,6 +274,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
   char* ds;
   int rc;
 
+  if (s == se)
+    return UV_EINVAL;
+
   ds = d;
 
   si = s;
@@ -308,8 +311,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
       return rc;
   }
 
-  if (d < de)
-    *d++ = '\0';
+  if (d >= de)
+    return UV_EINVAL;
 
+  *d++ = '\0';
   return d - ds;  /* Number of bytes written. */
 }