Fix accepting ill-formed UTF-8 characters

Conflicts: ext/phar/phar_path_check.c
author: Jakub Zelenka <bukka@php.net> 2014-04-21 13:02:20 +0100
committer: Stanislav Malyshev <stas@php.net> 2014-04-22 16:55:58 -0700
commit: 61499bf28252f7bea040395721178bb1a41365b9 (patch)
tree: 831be69867c14ef3b4451a7131f6c2e2efc411a9 /ext/phar
parent: ea4cee93c82496e3d1c4db1d69930f9fca85eb8b (diff)
download: php-git-61499bf28252f7bea040395721178bb1a41365b9.tar.gz
3 files changed, 188 insertions, 127 deletions
diff --git a/ext/phar/phar_path_check.c b/ext/phar/phar_path_check.c
index 22c915dfac..9826841d7b 100644
--- a/ext/phar/phar_path_check.c
+++ b/ext/phar/phar_path_check.c
@@ -1,4 +1,4 @@
-/* Generated by re2c 0.13.5 on Sun Apr 20 17:14:40 2014 */
+/* Generated by re2c 0.13.5 on Tue Apr 22 16:55:12 2014 */
 #line 1 "ext/phar/phar_path_check.re"
 /*
   +----------------------------------------------------------------------+
@@ -50,65 +50,87 @@ loop:
 
 	if ((YYLIMIT - YYCURSOR) < 4) YYFILL(4);
 	yych = *YYCURSOR;
-	if (yych <= '>') {
-		if (yych <= 0x19) {
-			if (yych <= 0x00) goto yy16;
-			if (yych == '\n') goto yy15;
-			goto yy14;
+	if (yych <= '[') {
+		if (yych <= ')') {
+			if (yych <= '\t') {
+				if (yych <= 0x00) goto yy21;
+				goto yy23;
+			} else {
+				if (yych <= '\n') goto yy2;
+				if (yych <= 0x19) goto yy23;
+				goto yy11;
+			}
 		} else {
-			if (yych <= '*') {
-				if (yych <= ')') goto yy18;
-				goto yy6;
+			if (yych <= '/') {
+				if (yych <= '*') goto yy7;
+				if (yych <= '.') goto yy11;
+				goto yy3;
 			} else {
-				if (yych != '/') goto yy18;
+				if (yych == '?') goto yy9;
+				goto yy11;
 			}
 		}
 	} else {
-		if (yych <= 0x7F) {
-			if (yych <= '?') goto yy8;
-			if (yych == '\\') goto yy4;
-			goto yy18;
+		if (yych <= 0xEC) {
+			if (yych <= 0xC1) {
+				if (yych <= '\\') goto yy5;
+				if (yych <= 0x7F) goto yy11;
+				goto yy23;
+			} else {
+				if (yych <= 0xDF) goto yy12;
+				if (yych <= 0xE0) goto yy14;
+				goto yy15;
+			}
 		} else {
-			if (yych <= 0xDF) {
-				if (yych <= 0xBF) goto yy14;
-				goto yy10;
+			if (yych <= 0xF0) {
+				if (yych <= 0xED) goto yy16;
+				if (yych <= 0xEF) goto yy17;
+				goto yy18;
 			} else {
-				if (yych <= 0xEF) goto yy12;
-				if (yych <= 0xF7) goto yy13;
-				goto yy14;
+				if (yych <= 0xF3) goto yy19;
+				if (yych <= 0xF4) goto yy20;
+				goto yy23;
 			}
 		}
 	}
+yy2:
+	YYCURSOR = YYMARKER;
+	if (yyaccept <= 0) {
+		goto yy4;
+	} else {
+		goto yy13;
+	}
+yy3:
 	yyaccept = 0;
 	yych = *(YYMARKER = ++YYCURSOR);
-	if (yych <= '-') goto yy3;
-	if (yych <= '.') goto yy29;
-	if (yych <= '/') goto yy30;
-yy3:
-#line 105 "ext/phar/phar_path_check.re"
+	if (yych <= '-') goto yy4;
+	if (yych <= '.') goto yy35;
+	if (yych <= '/') goto yy36;
+yy4:
+#line 88 "ext/phar/phar_path_check.re"
 	{
 			goto loop;
 		}
-#line 93 "ext/phar/phar_path_check.c"
-yy4:
+#line 115 "ext/phar/phar_path_check.c"
+yy5:
 	++YYCURSOR;
-#line 63 "ext/phar/phar_path_check.re"
+#line 72 "ext/phar/phar_path_check.re"
 	{
 			*error = "back-slash";
 			return pcr_err_back_slash;
 		}
-#line 101 "ext/phar/phar_path_check.c"
-yy6:
+#line 123 "ext/phar/phar_path_check.c"
+yy7:
 	++YYCURSOR;
-#line 67 "ext/phar/phar_path_check.re"
+#line 76 "ext/phar/phar_path_check.re"
 	{
 			*error = "star";
 			return pcr_err_star;
 		}
-#line 109 "ext/phar/phar_path_check.c"
-yy8:
+#line 131 "ext/phar/phar_path_check.c"
+yy9:
 	++YYCURSOR;
-#line 71 "ext/phar/phar_path_check.re"
+#line 80 "ext/phar/phar_path_check.re"
 	{
 			if (**s == '/') {
 				(*s)++;
@@ -117,39 +139,66 @@ yy8:
 			*error = NULL;
 			return pcr_use_query;
 		}
-#line 121 "ext/phar/phar_path_check.c"
-yy10:
-	++YYCURSOR;
-	if ((yych = *YYCURSOR) <= 0x7F) goto yy11;
-	if (yych <= 0xBF) goto yy27;
+#line 143 "ext/phar/phar_path_check.c"
 yy11:
-#line 88 "ext/phar/phar_path_check.re"
+	yych = *++YYCURSOR;
+	goto yy4;
+yy12:
+	++YYCURSOR;
+	if ((yych = *YYCURSOR) <= 0x7F) goto yy13;
+	if (yych <= 0xBF) goto yy26;
+yy13:
+#line 104 "ext/phar/phar_path_check.re"
 	{
 			*error ="illegal character";
 			return pcr_err_illegal_char;
 		}
-#line 132 "ext/phar/phar_path_check.c"
-yy12:
+#line 157 "ext/phar/phar_path_check.c"
+yy14:
 	yyaccept = 1;
 	yych = *(YYMARKER = ++YYCURSOR);
-	if (yych <= 0x7F) goto yy11;
-	if (yych <= 0xBF) goto yy24;
-	goto yy11;
-yy13:
+	if (yych <= 0x9F) goto yy13;
+	if (yych <= 0xBF) goto yy34;
+	goto yy13;
+yy15:
 	yyaccept = 1;
 	yych = *(YYMARKER = ++YYCURSOR);
-	if (yych <= 0x7F) goto yy11;
-	if (yych <= 0xBF) goto yy19;
-	goto yy11;
-yy14:
-	yych = *++YYCURSOR;
-	goto yy11;
-yy15:
-	yych = *++YYCURSOR;
-	goto yy11;
+	if (yych <= 0x7F) goto yy13;
+	if (yych <= 0xBF) goto yy33;
+	goto yy13;
 yy16:
+	yyaccept = 1;
+	yych = *(YYMARKER = ++YYCURSOR);
+	if (yych <= 0x7F) goto yy13;
+	if (yych <= 0x9F) goto yy32;
+	goto yy13;
+yy17:
+	yyaccept = 1;
+	yych = *(YYMARKER = ++YYCURSOR);
+	if (yych <= 0x7F) goto yy13;
+	if (yych <= 0xBF) goto yy31;
+	goto yy13;
+yy18:
+	yyaccept = 1;
+	yych = *(YYMARKER = ++YYCURSOR);
+	if (yych <= 0x8F) goto yy13;
+	if (yych <= 0xBF) goto yy29;
+	goto yy13;
+yy19:
+	yyaccept = 1;
+	yych = *(YYMARKER = ++YYCURSOR);
+	if (yych <= 0x7F) goto yy13;
+	if (yych <= 0xBF) goto yy27;
+	goto yy13;
+yy20:
+	yyaccept = 1;
+	yych = *(YYMARKER = ++YYCURSOR);
+	if (yych <= 0x7F) goto yy13;
+	if (yych <= 0x8F) goto yy24;
+	goto yy13;
+yy21:
 	++YYCURSOR;
-#line 92 "ext/phar/phar_path_check.re"
+#line 91 "ext/phar/phar_path_check.re"
 	{
 			if (**s == '/') {
 				(*s)++;
@@ -163,84 +212,92 @@ yy16:
 			*error = NULL;
 			return pcr_is_ok;
 		}
-#line 167 "ext/phar/phar_path_check.c"
-yy18:
+#line 216 "ext/phar/phar_path_check.c"
+yy23:
 	yych = *++YYCURSOR;
-	goto yy3;
-yy19:
+	goto yy13;
+yy24:
 	yych = *++YYCURSOR;
-	if (yych <= 0x7F) goto yy20;
-	if (yych <= 0xBF) goto yy21;
-yy20:
-	YYCURSOR = YYMARKER;
-	if (yyaccept <= 0) {
-		goto yy3;
-	} else {
-		goto yy11;
-	}
-yy21:
+	if (yych <= 0x7F) goto yy2;
+	if (yych >= 0xC0) goto yy2;
 	yych = *++YYCURSOR;
-	if (yych <= 0x7F) goto yy20;
-	if (yych >= 0xC0) goto yy20;
-	++YYCURSOR;
-#line 85 "ext/phar/phar_path_check.re"
-	{
-			goto loop;
-	}
-#line 191 "ext/phar/phar_path_check.c"
-yy24:
+	if (yych <= 0x7F) goto yy2;
+	if (yych >= 0xC0) goto yy2;
+yy26:
 	yych = *++YYCURSOR;
-	if (yych <= 0x7F) goto yy20;
-	if (yych >= 0xC0) goto yy20;
-	++YYCURSOR;
-#line 82 "ext/phar/phar_path_check.re"
-	{
-			goto loop;
-	}
-#line 201 "ext/phar/phar_path_check.c"
+	goto yy4;
 yy27:
-	++YYCURSOR;
-#line 79 "ext/phar/phar_path_check.re"
-	{
-			goto loop;
-	}
-#line 208 "ext/phar/phar_path_check.c"
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych >= 0xC0) goto yy2;
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych <= 0xBF) goto yy26;
+	goto yy2;
 yy29:
 	yych = *++YYCURSOR;
-	if (yych <= 0x00) goto yy33;
-	if (yych <= '-') goto yy20;
-	if (yych <= '.') goto yy32;
-	if (yych <= '/') goto yy33;
-	goto yy20;
-yy30:
+	if (yych <= 0x7F) goto yy2;
+	if (yych >= 0xC0) goto yy2;
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych <= 0xBF) goto yy26;
+	goto yy2;
+yy31:
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych <= 0xBF) goto yy26;
+	goto yy2;
+yy32:
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych <= 0xBF) goto yy26;
+	goto yy2;
+yy33:
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych <= 0xBF) goto yy26;
+	goto yy2;
+yy34:
+	yych = *++YYCURSOR;
+	if (yych <= 0x7F) goto yy2;
+	if (yych <= 0xBF) goto yy26;
+	goto yy2;
+yy35:
+	yych = *++YYCURSOR;
+	if (yych <= 0x00) goto yy39;
+	if (yych <= '-') goto yy2;
+	if (yych <= '.') goto yy38;
+	if (yych <= '/') goto yy39;
+	goto yy2;
+yy36:
 	++YYCURSOR;
-#line 51 "ext/phar/phar_path_check.re"
+#line 60 "ext/phar/phar_path_check.re"
 	{
 			*error = "double slash";
 			return pcr_err_double_slash;
 		}
-#line 223 "ext/phar/phar_path_check.c"
-yy32:
+#line 280 "ext/phar/phar_path_check.c"
+yy38:
 	yych = *++YYCURSOR;
-	if (yych <= 0x00) goto yy35;
-	if (yych == '/') goto yy35;
-	goto yy20;
-yy33:
+	if (yych <= 0x00) goto yy41;
+	if (yych == '/') goto yy41;
+	goto yy2;
+yy39:
 	++YYCURSOR;
-#line 59 "ext/phar/phar_path_check.re"
+#line 68 "ext/phar/phar_path_check.re"
 	{
 			*error = "current directory reference";
 			return pcr_err_curr_dir;
 		}
-#line 236 "ext/phar/phar_path_check.c"
-yy35:
+#line 293 "ext/phar/phar_path_check.c"
+yy41:
 	++YYCURSOR;
-#line 55 "ext/phar/phar_path_check.re"
+#line 64 "ext/phar/phar_path_check.re"
 	{
 			*error = "upper directory reference";
 			return pcr_err_up_dir;
 		}
-#line 244 "ext/phar/phar_path_check.c"
+#line 301 "ext/phar/phar_path_check.c"
 }
 #line 108 "ext/phar/phar_path_check.re"
 
diff --git a/ext/phar/phar_path_check.re b/ext/phar/phar_path_check.re
index b182d78480..df64076871 100644
--- a/ext/phar/phar_path_check.re
+++ b/ext/phar/phar_path_check.re
@@ -42,10 +42,19 @@ phar_path_check_result phar_path_check(char **s, int *len, const char **error)
 loop:
 /*!re2c
 END = "\x00";
-MB2 = ([\xC0-\xDF][\x80-\xBF]);
-MB3 = ([\xE0-\xEF][\x80-\xBF]{2});
-MB4 = ([\xF0-\xF7][\x80-\xBF]{3});
-ILL = [\x01-\x19\x80-\xFF];
+UTF8T   = [\x80-\xBF] ;
+UTF8_1  = [\x1A-\x7F] ;
+UTF8_2  = [\xC2-\xDF] UTF8T ;
+UTF8_3A = "\xE0" [\xA0-\xBF] UTF8T ;
+UTF8_3B = [\xE1-\xEC] UTF8T{2} ;
+UTF8_3C = "\xED" [\x80-\x9F] UTF8T ;
+UTF8_3D = [\xEE-\xEF] UTF8T{2} ;
+UTF8_3  = UTF8_3A | UTF8_3B | UTF8_3C | UTF8_3D ;
+UTF8_4A = "\xF0"[\x90-\xBF] UTF8T{2} ;
+UTF8_4B = [\xF1-\xF3] UTF8T{3} ;
+UTF8_4C = "\xF4" [\x80-\x8F] UTF8T{2} ;
+UTF8_4  = UTF8_4A | UTF8_4B | UTF8_4C ;
+UTF8    = UTF8_1 | UTF8_2 | UTF8_3 | UTF8_4 ;
 EOS = "/" | END;
 ANY = .;
 "//" 	{
@@ -76,18 +85,8 @@ ANY = .;
 			*error = NULL;
 			return pcr_use_query;
 		}
-MB2 {
+UTF8 {
 			goto loop;
-	}
-MB3 {
-			goto loop;
-	}
-MB4 {
-			goto loop;
-	}
-ILL {
-			*error ="illegal character";
-			return pcr_err_illegal_char;
 		}
 END {
 			if (**s == '/') {
@@ -103,7 +102,8 @@ END {
 			return pcr_is_ok;
 		}
 ANY {
-			goto loop;
+			*error ="illegal character";
+			return pcr_err_illegal_char;
 		}
 */
 }
diff --git a/ext/phar/tests/create_path_error.phpt b/ext/phar/tests/create_path_error.phpt
index 7451d9cd39..886ba81925 100644
--- a/ext/phar/tests/create_path_error.phpt
+++ b/ext/phar/tests/create_path_error.phpt
@@ -34,6 +34,8 @@ $checks = array(
     "\xF0\x9F\x98\x8D.ttf", // valid 4 byte char - smiling face with heart-shaped eyes
     "Font\xE9\xBBpro.ttf", //Invalid multi-byte character - missing last byte
     "Font\xBB\x91pro.ttf",   //Invalid multi-byte character - missing first byte
+    "Font\xC0\xAFpro.ttf",   //Invalid multi-byte character - invalid first byte
+    "Font\xF0\x80\x90\x90pro.ttf",   //Invalid multi-byte character - surrogate pair code point
     "\xFC\x81\x81\x81\x81pro.ttf", //RFC 3629 limited char points to 0000-10FFFF aka 5 byte utf-8 not valid
 );
 foreach($checks as $check)
@@ -76,6 +78,8 @@ string(5) "query"
 9:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
 10:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
 11:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
+12:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
+13:Error: file_put_contents(phar:///%s): failed to open stream: phar error: invalid path "%s" contains illegal character
 Exception: Entry a does not exist and cannot be created: phar error: invalid path "a" contains illegal character
 ===DONE===
author	Jakub Zelenka <bukka@php.net>	2014-04-21 13:02:20 +0100
committer	Stanislav Malyshev <stas@php.net>	2014-04-22 16:55:58 -0700
commit	61499bf28252f7bea040395721178bb1a41365b9 (patch)
tree	831be69867c14ef3b4451a7131f6c2e2efc411a9 /ext/phar
parent	ea4cee93c82496e3d1c4db1d69930f9fca85eb8b (diff)
download	php-git-61499bf28252f7bea040395721178bb1a41365b9.tar.gz