details: https://hg.nginx.org/njs/rev/5d2a3da0674f
branches:
changeset: 2261:5d2a3da0674f
user: Dmitry Volyntsev <xei...@nginx.com>
date: Mon Jan 08 22:20:19 2024 -0800
description:
Avoiding arithmetic operations with NULL pointer in TextDecoder().
Found by UndefinedBehaviorSanitizer.
diffstat:
src/njs_encoding.c | 2 +-
src/njs_utf8.c | 30 ++++++++++++++++--------------
2 files changed, 17 insertions(+), 15 deletions(-)
diffs (57 lines):
diff -r c15a6129ade7 -r 5d2a3da0674f src/njs_encoding.c
--- a/src/njs_encoding.c Mon Jan 08 22:20:10 2024 -0800
+++ b/src/njs_encoding.c Mon Jan 08 22:20:19 2024 -0800
@@ -543,7 +543,7 @@ njs_text_decoder_decode(njs_vm_t *vm, nj
/* Looking for BOM. */
- if (!data->ignore_bom) {
+ if (start != NULL && !data->ignore_bom) {
start += njs_utf8_bom(start, end);
}
diff -r c15a6129ade7 -r 5d2a3da0674f src/njs_utf8.c
--- a/src/njs_utf8.c Mon Jan 08 22:20:10 2024 -0800
+++ b/src/njs_utf8.c Mon Jan 08 22:20:19 2024 -0800
@@ -361,25 +361,27 @@ njs_utf8_stream_length(njs_unicode_decod
size = 0;
length = 0;
- end = p + len;
+ if (p != NULL) {
+ end = p + len;
+
+ while (p < end) {
+ codepoint = njs_utf8_decode(ctx, &p, end);
- while (p < end) {
- codepoint = njs_utf8_decode(ctx, &p, end);
+ if (codepoint > NJS_UNICODE_MAX_CODEPOINT) {
+ if (codepoint == NJS_UNICODE_CONTINUE) {
+ break;
+ }
- if (codepoint > NJS_UNICODE_MAX_CODEPOINT) {
- if (codepoint == NJS_UNICODE_CONTINUE) {
- break;
+ if (fatal) {
+ return -1;
+ }
+
+ codepoint = NJS_UNICODE_REPLACEMENT;
}
- if (fatal) {
- return -1;
- }
-
- codepoint = NJS_UNICODE_REPLACEMENT;
+ size += njs_utf8_size(codepoint);
+ length++;
}
-
- size += njs_utf8_size(codepoint);
- length++;
}
if (last && ctx->need != 0x00) {
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
