aboutsummaryrefslogtreecommitdiffstats
path: root/src/libutil
diff options
context:
space:
mode:
authorVsevolod Stakhov <vsevolod@highsecure.ru>2021-05-18 12:43:22 +0100
committerVsevolod Stakhov <vsevolod@highsecure.ru>2021-05-18 12:43:22 +0100
commite7667dd0f6b64748e0d3d14158733f119893d631 (patch)
tree2def1a31b1c2e8f16e438961d1cdf6d1c46bbf2e /src/libutil
parent7974dd00478625cbe8e754e67e39bf52d361bda9 (diff)
downloadrspamd-e7667dd0f6b64748e0d3d14158733f119893d631.tar.gz
rspamd-e7667dd0f6b64748e0d3d14158733f119893d631.zip
[Minor] Fix buffer overflow due to libicu super safe macros
Diffstat (limited to 'src/libutil')
-rw-r--r--src/libutil/cxx/utf8_util.cxx18
1 files changed, 15 insertions, 3 deletions
diff --git a/src/libutil/cxx/utf8_util.cxx b/src/libutil/cxx/utf8_util.cxx
index 337961f2b..cf71ae2ae 100644
--- a/src/libutil/cxx/utf8_util.cxx
+++ b/src/libutil/cxx/utf8_util.cxx
@@ -136,6 +136,12 @@ rspamd_normalise_unicode_inplace(char *start, size_t *len)
size_t i = 0;
while(it.hasNext()) {
+ /* libicu is very 'special' if it comes to 'safe' macro */
+ if (i >= *len) {
+ ret |= RSPAMD_UNICODE_NORM_ERROR;
+ break;
+ }
+
auto uc = it.next32PostInc();
if (zw_spaces.contains(uc)) {
@@ -143,12 +149,15 @@ rspamd_normalise_unicode_inplace(char *start, size_t *len)
}
else {
UBool err = 0;
+
+ if (uc == 0xFFFD) {
+ ret |= RSPAMD_UNICODE_NORM_UNNORMAL;
+ }
U8_APPEND((uint8_t*)start, i, *len, uc, err);
if (err) {
- ret = RSPAMD_UNICODE_NORM_ERROR;
-
- return i;
+ ret |= RSPAMD_UNICODE_NORM_ERROR;
+ break;
}
}
}
@@ -187,6 +196,9 @@ TEST_SUITE("utf8 utils") {
/* Same with zw spaces */
{"13\u200C_\u0020\u0308\u0301\u038e\u03ab\u200D", "13_ ̈́ΎΫ",
RSPAMD_UNICODE_NORM_UNNORMAL|RSPAMD_UNICODE_NORM_ZERO_SPACES},
+ /* Buffer overflow case */
+ {"u\xC2\xC2\xC2\xC2\xC2\xC2""abcdef""abcdef", "u������",
+ RSPAMD_UNICODE_NORM_UNNORMAL|RSPAMD_UNICODE_NORM_ERROR},
};
for (const auto &c : cases) {