diff options
author | bapt <bapt@FreeBSD.org> | 2015-09-02 05:55:57 +0000 |
---|---|---|
committer | bapt <bapt@FreeBSD.org> | 2015-09-02 05:55:57 +0000 |
commit | 88feb84264586b144d11f4049848eef880342f6a (patch) | |
tree | 93e02d7078f42fabdee83b0c5d5835eab13a3d92 | |
parent | 326626fa22483d555ec64447226e6f76a8049b8a (diff) | |
download | FreeBSD-src-88feb84264586b144d11f4049848eef880342f6a.zip FreeBSD-src-88feb84264586b144d11f4049848eef880342f6a.tar.gz |
MFC: r286490,r286491,r287125
Per rfc3629 value greater than 0x10ffff should be rejected (r286490,r286491)
Make UTF-8 parsing and generation more strict. (r287125 by ed)
- in mbrtowc() we need to disallow codepoints above 0x10ffff.
- In wcrtomb() we need to disallow codepoints between 0xd800 and 0xdfff.
-rw-r--r-- | lib/libc/locale/utf8.c | 22 |
1 files changed, 6 insertions, 16 deletions
diff --git a/lib/libc/locale/utf8.c b/lib/libc/locale/utf8.c index ce49279..8ccfdb1 100644 --- a/lib/libc/locale/utf8.c +++ b/lib/libc/locale/utf8.c @@ -145,14 +145,6 @@ _UTF8_mbrtowc(wchar_t * __restrict pwc, const char * __restrict s, size_t n, mask = 0x07; want = 4; lbound = 0x10000; - } else if ((ch & 0xfc) == 0xf8) { - mask = 0x03; - want = 5; - lbound = 0x200000; - } else if ((ch & 0xfe) == 0xfc) { - mask = 0x01; - want = 6; - lbound = 0x4000000; } else { /* * Malformed input; input is not UTF-8. @@ -199,7 +191,7 @@ _UTF8_mbrtowc(wchar_t * __restrict pwc, const char * __restrict s, size_t n, errno = EILSEQ; return ((size_t)-1); } - if (wch >= 0xd800 && wch <= 0xdfff) { + if ((wch >= 0xd800 && wch <= 0xdfff) || wch > 0x10ffff) { /* * Malformed input; invalid code points. */ @@ -326,17 +318,15 @@ _UTF8_wcrtomb(char * __restrict s, wchar_t wc, mbstate_t * __restrict ps) lead = 0xc0; len = 2; } else if ((wc & ~0xffff) == 0) { + if (wc >= 0xd800 && wc <= 0xdfff) { + errno = EILSEQ; + return ((size_t)-1); + } lead = 0xe0; len = 3; - } else if ((wc & ~0x1fffff) == 0) { + } else if (wc >= 0 && wc <= 0x10ffff) { lead = 0xf0; len = 4; - } else if ((wc & ~0x3ffffff) == 0) { - lead = 0xf8; - len = 5; - } else if ((wc & ~0x7fffffff) == 0) { - lead = 0xfc; - len = 6; } else { errno = EILSEQ; return ((size_t)-1); |