File zvbi-CVE-2025-2173.patch of Package zvbi.37834
Index: zvbi-0.2.42/src/conv.c
===================================================================
--- zvbi-0.2.42.orig/src/conv.c
+++ zvbi-0.2.42/src/conv.c
@@ -583,8 +583,8 @@ strndup_iconv_from_ucs2 (unsigned long
* @returns
* A pointer to the allocated buffer. You must free() the buffer
* when it is no longer needed. The function returns @c NULL when
- * the conversion fails, when it runs out of memory or when @a src
- * is @c NULL.
+ * the conversion fails, when it runs out of memory, src_length is
+ * set to zero, or when @a src is @c NULL.
*
* @since 0.2.23
*/
@@ -598,6 +598,9 @@ vbi_strndup_iconv_ucs2 (const char * d
char *result;
unsigned long size;
+ if (0 == src_length)
+ return NULL;
+
buffer = strndup_iconv_from_ucs2 (&size,
dst_codeset,
src, src_length,