From 56da2f7a20abb051e4227a37fb8f1be77e5323f3 Mon Sep 17 00:00:00 2001 From: Anjali Nijhara Date: Thu, 23 Mar 2023 14:06:34 +0530 Subject: [CVE-2016-6263] stringprep_utf8_nfkc_normalize: Reject invalid UTF8 instead of crashing http://git.savannah.gnu.org/cgit/libidn.git/commit/?id=1fbee57ef3c72db2206dd87e4162108b2f425555 Change-Id: Iee11ba2f143c48cfcd5ba114a2d887aaa4262380 --- lib/nfkc.c | 10 ++++++++++ tests/Makefile.am | 2 +- tests/tst_badutf8nfkc.c | 40 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 tests/tst_badutf8nfkc.c diff --git a/lib/nfkc.c b/lib/nfkc.c index 653ef75..4a69539 100644 --- a/lib/nfkc.c +++ b/lib/nfkc.c @@ -1026,6 +1026,16 @@ stringprep_ucs4_to_utf8 (const uint32_t * str, ssize_t len, char * stringprep_utf8_nfkc_normalize (const char *str, ssize_t len) { + size_t n; + + if (len < 0) + n = strlen (str); + else + n = len; + + if (u8_check ((const uint8_t *) str, n)) + return NULL; + return g_utf8_normalize (str, len, G_NORMALIZE_NFKC); } diff --git a/tests/Makefile.am b/tests/Makefile.am index 62804d8..1c7cd40 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -27,7 +27,7 @@ libutils_a_SOURCES = utils.h utils.c ctests = tst_stringprep tst_punycode tst_idna tst_idna2 tst_idna3 \ tst_idna4 tst_nfkc tst_pr29 tst_strerror tst_toutf8 \ - tst_symbols + tst_symbols tst_badutf8nfkc \ if TLD ctests += tst_tld endif diff --git a/tests/tst_badutf8nfkc.c b/tests/tst_badutf8nfkc.c new file mode 100644 index 0000000..aa79c2e --- /dev/null +++ b/tests/tst_badutf8nfkc.c @@ -0,0 +1,40 @@ +/* tst_badutf8nfkc.c --- Self tests for malformed UTF-8 NFKC input. + * Copyright (C) 2016 Simon Josefsson + * + * This file is part of GNU Libidn. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + * + */ +#ifdef HAVE_CONFIG_H +# include "config.h" +#endif + +#include +#include + +#include + +#include "utils.h" + +void +doit (void) +{ + char *badutf8 = strdup ("\xe4"); + char *s = NULL; + + s = stringprep_utf8_nfkc_normalize (badutf8, -1); + free (s); + free (badutf8); +} -- cgit v1.2.3