From 6b8bce71f3ea435fcb286d49df1204c23ef3ea01 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Thu, 18 Jan 2024 14:52:38 +0100
Subject: [PATCH] fix: reject zero-length idna inputs

CVE: CVE-2024-24806
Upstream commit: 3530bcc30350d4a6ccf35d2f7b33e23292b9de70

Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
---
 src/idna.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/idna.c b/src/idna.c
index 874f1caf..97edf06c 100644
--- a/src/idna.c
+++ b/src/idna.c
@@ -254,6 +254,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
   char* ds;
   int rc;
 
+  if (s == se)
+    return UV_EINVAL;
+
   ds = d;
 
   for (si = s; si < se; /* empty */) {
-- 
2.43.0