From 8b6f590aaa8d110ef6f62befb792827c16d7e75a Mon Sep 17 00:00:00 2001
From: Vincent Sanders <vince@kyllikki.org>
Date: Thu, 13 Jun 2019 17:02:08 +0100
Subject: prevent out of bounds access when checking IDNA host label

---
 utils/idna.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'utils')

diff --git a/utils/idna.c b/utils/idna.c
index 70d321db5..d657f90e2 100644
--- a/utils/idna.c
+++ b/utils/idna.c
@@ -437,7 +437,7 @@ static bool idna__is_valid(int32_t *label, size_t len)
 	 */
 
 	/* 2. Check characters 3 and 4 are not '--'. */
-	if ((label[2] == 0x002d) && (label[3] == 0x002d)) {
+	if ((len >= 4) && (label[2] == 0x002d) && (label[3] == 0x002d)) {
 		NSLOG(netsurf, INFO,
 		      "Check failed: characters 2 and 3 are '--'");
 		return false;
-- 
cgit v1.2.3