mirror of
https://gitlab.com/qemu-project/qemu
synced 2024-11-05 20:35:44 +00:00
e59f39d403
We reject bytes that can't occur in valid UTF-8 (\xC0..\xC1, \xF5..\xFF in the lexer. That's insufficient; there's plenty of invalid UTF-8 not containing these bytes, as demonstrated by check-qjson: * Malformed sequences - Unexpected continuation bytes - Missing continuation bytes after start bytes other than \xC0..\xC1, \xF5..\xFD. * Overlong sequences with start bytes other than \xC0..\xC1, \xF5..\xFD. * Invalid code points Fixing this in the lexer would be bothersome. Fixing it in the parser is straightforward, so do that. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180823164025.12553-23-armbru@redhat.com>
156 lines
4.5 KiB
C
156 lines
4.5 KiB
C
/*
|
|
* Dealing with Unicode
|
|
*
|
|
* Copyright (C) 2013 Red Hat, Inc.
|
|
*
|
|
* Authors:
|
|
* Markus Armbruster <armbru@redhat.com>
|
|
*
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or
|
|
* later. See the COPYING file in the top-level directory.
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
#include "qemu/unicode.h"
|
|
|
|
static bool is_valid_codepoint(int codepoint)
|
|
{
|
|
if (codepoint > 0x10FFFFu) {
|
|
return false; /* beyond Unicode range */
|
|
}
|
|
if ((codepoint >= 0xFDD0 && codepoint <= 0xFDEF)
|
|
|| (codepoint & 0xFFFE) == 0xFFFE) {
|
|
return false; /* noncharacter */
|
|
}
|
|
if (codepoint >= 0xD800 && codepoint <= 0xDFFF) {
|
|
return false; /* surrogate code point */
|
|
}
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* mod_utf8_codepoint:
|
|
* @s: string encoded in modified UTF-8
|
|
* @n: maximum number of bytes to read from @s, if less than 6
|
|
* @end: set to end of sequence on return
|
|
*
|
|
* Convert the modified UTF-8 sequence at the start of @s. Modified
|
|
* UTF-8 is exactly like UTF-8, except U+0000 is encoded as
|
|
* "\xC0\x80".
|
|
*
|
|
* If @n is zero or @s points to a zero byte, the sequence is invalid,
|
|
* and @end is set to @s.
|
|
*
|
|
* If @s points to an impossible byte (0xFE or 0xFF) or a continuation
|
|
* byte, the sequence is invalid, and @end is set to @s + 1
|
|
*
|
|
* Else, the first byte determines how many continuation bytes are
|
|
* expected. If there are fewer, the sequence is invalid, and @end is
|
|
* set to @s + 1 + actual number of continuation bytes. Else, the
|
|
* sequence is well-formed, and @end is set to @s + 1 + expected
|
|
* number of continuation bytes.
|
|
*
|
|
* A well-formed sequence is valid unless it encodes a codepoint
|
|
* outside the Unicode range U+0000..U+10FFFF, one of Unicode's 66
|
|
* noncharacters, a surrogate codepoint, or is overlong. Except the
|
|
* overlong sequence "\xC0\x80" is valid.
|
|
*
|
|
* Conversion succeeds if and only if the sequence is valid.
|
|
*
|
|
* Returns: the Unicode codepoint on success, -1 on failure.
|
|
*/
|
|
int mod_utf8_codepoint(const char *s, size_t n, char **end)
|
|
{
|
|
static int min_cp[5] = { 0x80, 0x800, 0x10000, 0x200000, 0x4000000 };
|
|
const unsigned char *p;
|
|
unsigned byte, mask, len, i;
|
|
int cp;
|
|
|
|
if (n == 0 || *s == 0) {
|
|
/* empty sequence */
|
|
*end = (char *)s;
|
|
return -1;
|
|
}
|
|
|
|
p = (const unsigned char *)s;
|
|
byte = *p++;
|
|
if (byte < 0x80) {
|
|
cp = byte; /* one byte sequence */
|
|
} else if (byte >= 0xFE) {
|
|
cp = -1; /* impossible bytes 0xFE, 0xFF */
|
|
} else if ((byte & 0x40) == 0) {
|
|
cp = -1; /* unexpected continuation byte */
|
|
} else {
|
|
/* multi-byte sequence */
|
|
len = 0;
|
|
for (mask = 0x80; byte & mask; mask >>= 1) {
|
|
len++;
|
|
}
|
|
assert(len > 1 && len < 7);
|
|
cp = byte & (mask - 1);
|
|
for (i = 1; i < len; i++) {
|
|
byte = i < n ? *p : 0;
|
|
if ((byte & 0xC0) != 0x80) {
|
|
cp = -1; /* continuation byte missing */
|
|
goto out;
|
|
}
|
|
p++;
|
|
cp <<= 6;
|
|
cp |= byte & 0x3F;
|
|
}
|
|
if (!is_valid_codepoint(cp)) {
|
|
cp = -1;
|
|
} else if (cp < min_cp[len - 2] && !(cp == 0 && len == 2)) {
|
|
cp = -1; /* overlong, not \xC0\x80 */
|
|
}
|
|
}
|
|
|
|
out:
|
|
*end = (char *)p;
|
|
return cp;
|
|
}
|
|
|
|
/**
|
|
* mod_utf8_encode:
|
|
* @buf: Destination buffer
|
|
* @bufsz: size of @buf, at least 5.
|
|
* @codepoint: Unicode codepoint to encode
|
|
*
|
|
* Convert Unicode codepoint @codepoint to modified UTF-8.
|
|
*
|
|
* Returns: the length of the UTF-8 sequence on success, -1 when
|
|
* @codepoint is invalid.
|
|
*/
|
|
ssize_t mod_utf8_encode(char buf[], size_t bufsz, int codepoint)
|
|
{
|
|
assert(bufsz >= 5);
|
|
|
|
if (!is_valid_codepoint(codepoint)) {
|
|
return -1;
|
|
}
|
|
|
|
if (codepoint > 0 && codepoint <= 0x7F) {
|
|
buf[0] = codepoint & 0x7F;
|
|
buf[1] = 0;
|
|
return 1;
|
|
}
|
|
if (codepoint <= 0x7FF) {
|
|
buf[0] = 0xC0 | ((codepoint >> 6) & 0x1F);
|
|
buf[1] = 0x80 | (codepoint & 0x3F);
|
|
buf[2] = 0;
|
|
return 2;
|
|
}
|
|
if (codepoint <= 0xFFFF) {
|
|
buf[0] = 0xE0 | ((codepoint >> 12) & 0x0F);
|
|
buf[1] = 0x80 | ((codepoint >> 6) & 0x3F);
|
|
buf[2] = 0x80 | (codepoint & 0x3F);
|
|
buf[3] = 0;
|
|
return 3;
|
|
}
|
|
buf[0] = 0xF0 | ((codepoint >> 18) & 0x07);
|
|
buf[1] = 0x80 | ((codepoint >> 12) & 0x3F);
|
|
buf[2] = 0x80 | ((codepoint >> 6) & 0x3F);
|
|
buf[3] = 0x80 | (codepoint & 0x3F);
|
|
buf[4] = 0;
|
|
return 4;
|
|
}
|