You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello,
It seems to me that utf8makevalid can read string to modify out of bounds :
while ('\0' != *read) {
if (0xf0 == (0xf8 & read)) {
/ ensure each of the 3 following bytes in this 4-byte
* utf8 codepoint began with 0b10xxxxxx */
if ((0x80 != (0xc0 & read[1])) || (0x80 != (0xc0 & read[2])) ||
(0x80 != (0xc0 & read[3]))) {
=> it seems to me that we cannot be sure that read[1], [2] and [3] are not of bounds.
Regards,
PS : same problem in utf8codepoint and maybe other functions, but this is particularly important for utf8makevalid , because I can have any invaldi string as an input
The text was updated successfully, but these errors were encountered:
JPDelprat
changed the title
utf8makevalid read out of bounds
utf8makevalid read out of bounds (+ other functions)
Dec 17, 2023
Hello,
It seems to me that utf8makevalid can read string to modify out of bounds :
while ('\0' != *read) {
if (0xf0 == (0xf8 & read)) {
/ ensure each of the 3 following bytes in this 4-byte
* utf8 codepoint began with 0b10xxxxxx */
if ((0x80 != (0xc0 & read[1])) || (0x80 != (0xc0 & read[2])) ||
(0x80 != (0xc0 & read[3]))) {
=> it seems to me that we cannot be sure that read[1], [2] and [3] are not of bounds.
Regards,
PS : same problem in utf8codepoint and maybe other functions, but this is particularly important for utf8makevalid , because I can have any invaldi string as an input
The text was updated successfully, but these errors were encountered: