From 23978817a2c1ed13861167154e8eb3d829104b6b Mon Sep 17 00:00:00 2001
From: Dan Kogai <dankogai+github@gmail.com>
Date: Wed, 6 Oct 2021 08:37:27 +0900
Subject: [PATCH] resolve RT#139622
---
Changes | 5 +++++
Encode.xs | 1 +
2 files changed, 6 insertions(+)
#diff --git a/Changes b/Changes
#index 39e0bc1..1613abc 100644
#--- a/Changes
#+++ b/Changes
#@@ -3,6 +3,11 @@
# # $Id: Changes,v 3.12 2021/08/09 14:17:04 dankogai Exp dankogai $
# #
# $Revision: 3.12 $ $Date: 2021/08/09 14:17:04 $
#+! Encode.xs
#+ Apply the patch of RT#139622 to fix a memory leak on FB_CROAK
#+ https://rt.cpan.org/Ticket/Display.html?id=139622
#+
#+3.12 2021/08/09 14:17:04
# ! Encode.pm
# Address CVE-2021-36770
# <9639159a-d070-4762-9cbd-f1622f10449c@beta.fastmail.com>
diff --git a/Encode.xs b/Encode.xs
index 4baf296..8cc8d15 100644
--- a/Encode.xs
+++ b/Encode.xs
@@ -275,6 +275,7 @@ encode_method(pTHX_ const encode_t * enc, const encpage_t * dir, SV * src, U8 *
/* decoding */
else {
if (check & ENCODE_DIE_ON_ERR){
+ SvREFCNT_dec(dst);
Perl_croak(aTHX_ ERR_DECODE_NOMAP,
enc->name[0], (UV)s[slen]);
return &PL_sv_undef; /* never reaches but be safe */
--
2.31.1