File CVE-2024-24806.patch of Package nodejs16

Index: node-v16.20.2/deps/uv/src/idna.c
===================================================================
--- node-v16.20.2.orig/deps/uv/src/idna.c
+++ node-v16.20.2/deps/uv/src/idna.c
@@ -273,6 +273,9 @@ long uv__idna_toascii(const char* s, con
   char* ds;
   int rc;
 
+  if (s == se)
+    return UV_EINVAL;
+
   ds = d;
 
   si = s;
@@ -307,8 +310,9 @@ long uv__idna_toascii(const char* s, con
       return rc;
   }
 
-  if (d < de)
-    *d++ = '\0';
+  if (d >= de)
+    return UV_EINVAL;
 
+  *d++ = '\0';
   return d - ds;  /* Number of bytes written. */
 }
openSUSE Build Service is sponsored by