From 1fadaae0c98941f8d6abec9a9993581dc7823eb7 Mon Sep 17 00:00:00 2001
From: Lee Thomason <leethomason@gmail.com>
Date: Mon, 9 Dec 2024 21:39:30 -0800
Subject: [PATCH] another defensive check

---
 tinyxml2.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tinyxml2.cpp b/tinyxml2.cpp
index b5e85aad..769ccfe1 100644
--- a/tinyxml2.cpp
+++ b/tinyxml2.cpp
@@ -545,6 +545,11 @@ const char* XMLUtil::GetCharacterRef(const char* p, char* value, int* length)
         }
         // convert the UCS to UTF-8
         ConvertUTF32ToUTF8(ucs, value, length);
+		if (length == 0) {
+            // If length is 0, there was an error. (Security? Bad input?)
+            // Fail safely.
+			return 0;
+		}
         return p + delta + 1;
     }
     return p + 1;