components/library/icu-74/patches/106-source-extra-uconv-uconv.cpp.patch

   1 #
   2 # Copyright (c) 2015, 2016, Oracle and/or its affiliates. All rights reserved.
   3 #
   4 Add NULL checks to getBuffer calls and catch a potential file leak
   5 https://unicode-org.atlassian.net/browse/ICU-12378
   6
   7 --- icu/source/extra/uconv/uconv.cpp.orig
   8 +++ icu/source/extra/uconv/uconv.cpp
   9 @@ -445,7 +445,10 @@
  10          }
  11      }
  12
  13 -    const char16_t *u = s.getBuffer(), *limit = u + s.length();
  14 +    const char16_t *u = s.getBuffer();
  15 +    if (u == nullptr)
  16 +        return -1;
  17 +    const char16_t *limit = u + s.length();
  18      char16_t c;
  19
  20      while (u < limit) {
  21 @@ -1348,6 +1351,7 @@
  22
  23      cf.setBufferSize(bufsz);
  24
  25 +    try {
  26      if(remainArgv < remainArgvLimit) {
  27          for (iter = remainArgv; iter != remainArgvLimit; iter++) {
  28              if (!cf.convertFile(
  29 @@ -1367,6 +1371,11 @@
  30              goto error_exit;
  31          }
  32      }
  33 +    }
  34 +    catch (int e)
  35 +    {
  36 +        goto error_exit;
  37 +    }
  38
  39      goto normal_exit;
  40  error_exit: