diff options
Diffstat (limited to 'ext/pcre/pcrelib/pcre_valid_utf8.c')
| -rw-r--r-- | ext/pcre/pcrelib/pcre_valid_utf8.c | 48 |
1 files changed, 39 insertions, 9 deletions
diff --git a/ext/pcre/pcrelib/pcre_valid_utf8.c b/ext/pcre/pcrelib/pcre_valid_utf8.c index 727fbe8d0a..6b341c195e 100644 --- a/ext/pcre/pcrelib/pcre_valid_utf8.c +++ b/ext/pcre/pcrelib/pcre_valid_utf8.c @@ -6,7 +6,7 @@ and semantics are as close as possible to those of the Perl 5 language. Written by Philip Hazel - Copyright (c) 1997-2006 University of Cambridge + Copyright (c) 1997-2008 University of Cambridge ----------------------------------------------------------------------------- Redistribution and use in source and binary forms, with or without @@ -42,6 +42,8 @@ POSSIBILITY OF SUCH DAMAGE. strings. */ +#include "config.h" + #include "pcre_internal.h" @@ -55,6 +57,13 @@ that subsequent code can assume it is dealing with a valid string. The check can be turned off for maximum performance, but the consequences of supplying an invalid string are then undefined. +Originally, this function checked according to RFC 2279, allowing for values in +the range 0 to 0x7fffffff, up to 6 bytes long, but ensuring that they were in +the canonical format. Once somebody had pointed out RFC 3629 to me (it +obsoletes 2279), additional restrictions were applied. The values are now +limited to be between 0 and 0x0010ffff, no more than 4 bytes long, and the +subrange 0xd000 to 0xdfff is excluded. + Arguments: string points to the string length length of string, or -1 if the string is zero-terminated @@ -66,6 +75,7 @@ Returns: < 0 if the string is a valid UTF-8 string int _pcre_valid_utf8(const uschar *string, int length) { +#ifdef SUPPORT_UTF8 register const uschar *p; if (length < 0) @@ -80,31 +90,48 @@ for (p = string; length-- > 0; p++) register int c = *p; if (c < 128) continue; if (c < 0xc0) return p - string; - ab = _pcre_utf8_table4[c & 0x3f]; /* Number of additional bytes */ - if (length < ab) return p - string; + ab = _pcre_utf8_table4[c & 0x3f]; /* Number of additional bytes */ + if (length < ab || ab > 3) return p - string; length -= ab; /* Check top bits in the second byte */ if ((*(++p) & 0xc0) != 0x80) return p - string; - /* Check for overlong sequences for each different length */ + /* Check for overlong sequences for each different length, and for the + excluded range 0xd000 to 0xdfff. */ + switch (ab) { - /* Check for xx00 000x */ + /* Check for xx00 000x (overlong sequence) */ + case 1: if ((c & 0x3e) == 0) return p - string; continue; /* We know there aren't any more bytes to check */ - /* Check for 1110 0000, xx0x xxxx */ + /* Check for 1110 0000, xx0x xxxx (overlong sequence) or + 1110 1101, 1010 xxxx (0xd000 - 0xdfff) */ + case 2: - if (c == 0xe0 && (*p & 0x20) == 0) return p - string; + if ((c == 0xe0 && (*p & 0x20) == 0) || + (c == 0xed && *p >= 0xa0)) + return p - string; break; - /* Check for 1111 0000, xx00 xxxx */ + /* Check for 1111 0000, xx00 xxxx (overlong sequence) or + greater than 0x0010ffff (f4 8f bf bf) */ + case 3: - if (c == 0xf0 && (*p & 0x30) == 0) return p - string; + if ((c == 0xf0 && (*p & 0x30) == 0) || + (c > 0xf4 ) || + (c == 0xf4 && *p > 0x8f)) + return p - string; break; +#if 0 + /* These cases can no longer occur, as we restrict to a maximum of four + bytes nowadays. Leave the code here in case we ever want to add an option + for longer sequences. */ + /* Check for 1111 1000, xx00 0xxx */ case 4: if (c == 0xf8 && (*p & 0x38) == 0) return p - string; @@ -115,6 +142,8 @@ for (p = string; length-- > 0; p++) if (c == 0xfe || c == 0xff || (c == 0xfc && (*p & 0x3c) == 0)) return p - string; break; +#endif + } /* Check for valid bytes after the 2nd, if any; all must start 10 */ @@ -123,6 +152,7 @@ for (p = string; length-- > 0; p++) if ((*(++p) & 0xc0) != 0x80) return p - string; } } +#endif return -1; } |