From: Michael R Sweet <msweet@msweet.org>
Date: Tue, 26 Jan 2021 08:02:32 -0500
Subject: CVE-2021-23180

Fix a crash bug with malformed URIs (Issue #418)

Origin: upstream, https://github.com/michaelrsweet/htmldoc/commit/19c582fb32eac74b57e155cffbb529377a9e751a
Bug: https://github.com/michaelrsweet/htmldoc/issues/418
Bug-Debian: https://bugs.debian.org/989437
---
 htmldoc/file.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/htmldoc/file.c b/htmldoc/file.c
index 9f017de..eee89af 100644
--- a/htmldoc/file.c
+++ b/htmldoc/file.c
@@ -304,6 +304,7 @@ const char *			/* O - File extension */
 file_extension(const char *s)	/* I - Filename or URL */
 {
   const char	*extension;	/* Pointer to directory separator */
+  char		*bufptr;	/* Pointer into buffer */
   static char	buf[1024];	/* Buffer for files with targets */
 
 
@@ -334,7 +335,8 @@ file_extension(const char *s)	/* I - Filename or URL */
 
   strlcpy(buf, extension, sizeof(buf));
 
-  *(char *)strchr(buf, '#') = '\0';
+  if ((bufptr = strchr(buf, '#')) != NULL)
+    *bufptr = '\0';
 
   return (buf);
 }