File wget-buffer-overflow-CVE-2019-5953.patch of Package wget.31872

Index: wget-1.14/src/iri.c
===================================================================
--- wget-1.14.orig/src/iri.c
+++ wget-1.14/src/iri.c
@@ -183,17 +183,12 @@ do_conversion (iconv_t cd, char *in, siz
         }
       else if (errno == E2BIG) /* Output buffer full */
         {
-          char *new;
-
           tooshort++;
-          done = len;
-          outlen = done + inlen * 2;
-          new = xmalloc (outlen + 1);
-          memcpy (new, s, done);
-          xfree (s);
-          s = new;
-          len = outlen;
-          *out = s + done;
+	  done = len;
+	  len = done + inlen * 2;
+	  s = xrealloc (s, len + 1);
+	  *out = s + done - outlen;
+	  outlen += inlen * 2;
         }
       else /* Weird, we got an unspecified error */
         {
openSUSE Build Service is sponsored by