MFB: limit iconv parameters here too

diff --git a/ext/xmlrpc/libxmlrpc/encodings.c b/ext/xmlrpc/libxmlrpc/encodings.c
index 1637a0961c211379d77f9272375cc6c9930ca221..f4cc212d7c96314fd5c19f7fff51493a88201d30 100644 (file)
--- a/ext/xmlrpc/libxmlrpc/encodings.c
+++ b/ext/xmlrpc/libxmlrpc/encodings.c
@@ -53,6 +53,10 @@ static const char rcsid[] = "#(@) $Id$";
 
 #include "encodings.h"
 
+#ifndef ICONV_CSNMAXLEN
+#define ICONV_CSNMAXLEN 64
+#endif
+
 static char* convert(const char* src, int src_len, int *new_len, const char* from_enc, const char* to_enc) {
    char* outbuf = 0;
 
@@ -60,9 +64,13 @@ static char* convert(const char* src, int src_len, int *new_len, const char* fro
       size_t outlenleft = src_len;
       size_t inlenleft = src_len;
       int outlen = src_len;
-      iconv_t ic = iconv_open(to_enc, from_enc);
+      iconv_t ic;
       char* out_ptr = 0;
 
+      if(strlen(to_enc) >= ICONV_CSNMAXLEN || strlen(from_enc) >= ICONV_CSNMAXLEN) {
+         return NULL;
+      }
+      ic = iconv_open(to_enc, from_enc);
       if(ic != (iconv_t)-1) {
          size_t st;
          outbuf = (char*)malloc(outlen + 1);