Avoid use-after-free in builtin unicode

Calculate length _before_ realloc, not after.
ethomson · Dec 21, 2023 · bcd9642 · bcd9642
1 parent 50aca17
commit bcd9642
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/src/unicode_builtin.c b/src/unicode_builtin.c
@@ -372,13 +372,13 @@ static inline bool unicode_builtin_encoding_convert(
 			goto done;
 		}
 
+		out_len = out_start - out;
+
 		if ((new_out = realloc(out, out_size)) == NULL) {
 			ntlm_client_set_errmsg(ntlm, "out of memory");
 			goto done;
 		}
 
-		out_len = out_start - out;
-
 		out = new_out;
 		out_start = new_out + out_len;
 		out_end = out + out_size;