From 7cf269dd1c7016edef00f2fc97933223c76a5dce Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Wed, 20 Sep 2023 11:10:16 +0200
Subject: [PATCH] idn: if idn2_check_version returns NULL, return error

... this avoids a NULL dereference for this unusual case.

Reported-by: s0urc3_ on hackerone
Closes #11898
---
 lib/idn.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/idn.c b/lib/idn.c
index 1f31a9546c..475d9c9beb 100644
--- a/lib/idn.c
+++ b/lib/idn.c
@@ -174,6 +174,9 @@ static CURLcode idn_decode(const char *input, char **output)
     if(rc != IDN2_OK)
       result = CURLE_URL_MALFORMAT;
   }
+  else
+    /* a too old libidn2 version */
+    result = CURLE_NOT_BUILT_IN;
 #elif defined(USE_WIN32_IDN)
   result = win32_idn_to_ascii(input, &decoded);
 #endif