The UTF-8 decoder should not accept byte sequences which decode to unicode

code positions U+D800 to U+DFFF (UTF-16 surrogates), U+FFFE, and U+FFFF. http://www.cl.cam.ac.uk/~mgk25/unicode.html#utf-8 http://unicode.org/faq/utf_bom.html#utf8-4 ok phessler, millert, miod, deraadt
author: stsp <stsp@openbsd.org> 2010-08-05 17:13:53 +0000
committer: stsp <stsp@openbsd.org> 2010-08-05 17:13:53 +0000
commit: 249006c8dad06afa197dd96b378039405e7d838b (patch)
tree: 41d9433136447f47bb9212ac55a58daafa3c9afd
parent: rename a variable which is annoyingly poorly named (diff)
download: wireguard-openbsd-249006c8dad06afa197dd96b378039405e7d838b.tar.xz
wireguard-openbsd-249006c8dad06afa197dd96b378039405e7d838b.zip
1 files changed, 9 insertions, 1 deletions
diff --git a/lib/libc/citrus/citrus_utf8.c b/lib/libc/citrus/citrus_utf8.c
index 0ead0c7946d..45d07d74a57 100644
--- a/lib/libc/citrus/citrus_utf8.c
+++ b/lib/libc/citrus/citrus_utf8.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: citrus_utf8.c,v 1.2 2010/07/29 00:50:10 stsp Exp $ */
+/*	$OpenBSD: citrus_utf8.c,v 1.3 2010/08/05 17:13:53 stsp Exp $ */
 
 /*-
  * Copyright (c) 2002-2004 Tim J. Robbins
@@ -162,6 +162,14 @@ _citrus_utf8_ctype_mbrtowc(wchar_t * __restrict pwc,
 		errno = EILSEQ;
 		return ((size_t)-1);
 	}
+	if ((wch >= 0xd800 && wch <= 0xdfff) ||
+	    wch == 0xfffe || wch == 0xffff) {
+		/*
+		 * Malformed input; invalid code points.
+		 */
+		errno = EILSEQ;
+		return ((size_t)-1);
+	}
 	if (pwc != NULL)
 		*pwc = wch;
 	us->want = 0;
author	stsp <stsp@openbsd.org>	2010-08-05 17:13:53 +0000
committer	stsp <stsp@openbsd.org>	2010-08-05 17:13:53 +0000
commit	249006c8dad06afa197dd96b378039405e7d838b (patch)
tree	41d9433136447f47bb9212ac55a58daafa3c9afd
parent	rename a variable which is annoyingly poorly named (diff)
download	wireguard-openbsd-249006c8dad06afa197dd96b378039405e7d838b.tar.xz wireguard-openbsd-249006c8dad06afa197dd96b378039405e7d838b.zip