Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita868931

Browse files
committed
Fix insufficiently-paranoid GB18030 encoding verifier.
The previous coding effectively only verified that the second byte of amultibyte character was in the expected range; moreover, it wasn't carefulto make sure that the second byte even exists in the buffer before touchingit. The latter seems unlikely to cause any real problems in the field(in particular, it could never be a problem with null-terminated input),but it's still a bug.Since GB18030 is not a supported backend encoding, the only thing we'dreally be doing with GB18030 text is converting it to UTF8 in LocalToUtf,which would fail anyway on any invalid character for lack of a match inits lookup table. So the only user-visible consequence of this changeshould be that you'll get "invalid byte sequence for encoding" rather than"character has no equivalent" for malformed GB18030 input. However,impending changes to the GB18030 conversion code will require these tighterup-front checks to avoid producing bogus results.
1 parentaff27e3 commita868931

File tree

1 file changed

+29
-23
lines changed

1 file changed

+29
-23
lines changed

‎src/backend/utils/mb/wchar.c

Lines changed: 29 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1070,25 +1070,20 @@ pg_uhc_dsplen(const unsigned char *s)
10701070
}
10711071

10721072
/*
1073-
** GB18030
1074-
* *Added by Bill Huang <bhuang@redhat.com>,<bill_huanghb@ybb.ne.jp>
1075-
* */
1073+
* GB18030
1074+
*Added by Bill Huang <bhuang@redhat.com>,<bill_huanghb@ybb.ne.jp>
1075+
*/
10761076
staticint
10771077
pg_gb18030_mblen(constunsignedchar*s)
10781078
{
10791079
intlen;
10801080

10811081
if (!IS_HIGHBIT_SET(*s))
10821082
len=1;/* ASCII */
1083+
elseif (*(s+1) >=0x30&&*(s+1) <=0x39)
1084+
len=4;
10831085
else
1084-
{
1085-
if ((*(s+1) >=0x40&&*(s+1) <=0x7e)|| (*(s+1) >=0x80&&*(s+1) <=0xfe))
1086-
len=2;
1087-
elseif (*(s+1) >=0x30&&*(s+1) <=0x39)
1088-
len=4;
1089-
else
1090-
len=2;
1091-
}
1086+
len=2;
10921087
returnlen;
10931088
}
10941089

@@ -1403,21 +1398,32 @@ pg_uhc_verifier(const unsigned char *s, int len)
14031398
staticint
14041399
pg_gb18030_verifier(constunsignedchar*s,intlen)
14051400
{
1406-
intl,
1407-
mbl;
1408-
1409-
l=mbl=pg_gb18030_mblen(s);
1410-
1411-
if (len<l)
1412-
return-1;
1401+
intl;
14131402

1414-
while (--l>0)
1403+
if (!IS_HIGHBIT_SET(*s))
1404+
l=1;/* ASCII */
1405+
elseif (len >=4&&*(s+1) >=0x30&&*(s+1) <=0x39)
14151406
{
1416-
if (*++s=='\0')
1417-
return-1;
1407+
/* Should be 4-byte, validate remaining bytes */
1408+
if (*s >=0x81&&*s <=0xfe&&
1409+
*(s+2) >=0x81&&*(s+2) <=0xfe&&
1410+
*(s+3) >=0x30&&*(s+3) <=0x39)
1411+
l=4;
1412+
else
1413+
l=-1;
14181414
}
1419-
1420-
returnmbl;
1415+
elseif (len >=2&&*s >=0x81&&*s <=0xfe)
1416+
{
1417+
/* Should be 2-byte, validate */
1418+
if ((*(s+1) >=0x40&&*(s+1) <=0x7e)||
1419+
(*(s+1) >=0x80&&*(s+1) <=0xfe))
1420+
l=2;
1421+
else
1422+
l=-1;
1423+
}
1424+
else
1425+
l=-1;
1426+
returnl;
14211427
}
14221428

14231429
staticint

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp