Closed Bug 1396616 Opened 5 years ago Closed 3 months ago

nssUTF8_Length checks for obsolete UTF-8 byte sequences

Categories

(NSS :: Libraries, enhancement, P3)

3.33
enhancement

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: hsivonen, Assigned: emk)

References

Details

Attachments

(1 file)

https://searchfox.org/mozilla-central/source/security/nss/lib/base/utf8.c#296

nssUTF8_Length checks for lead bytes for five and six-byte UTF-8 sequences, which have been defined out of existence. (RFC 2044 has been obsoleted by RFC 3629.)

Additional observations:
The code only works correctly if input is valid UTF-8. If PEDANTIC is defined, the code validates that leads are followed by the expected number of trails but doesn't check that the byte sequences are otherwise permissible. I.e. even with PEDANTIC defined, the code doesn't reject overlong forms, surrogates or values above the Unicode range.
Priority: -- → P3
Attachment #9265626 - Attachment description: Bug 1396616 - Update nssUTF8_Length to RFC 3629 andd fix buffer overrun. r?#nss-reviewers → Bug 1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun. r?#nss-reviewers
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
Blocks: 1757279
Status: ASSIGNED → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED
Target Milestone: --- → 3.77
You need to log in before you can comment on or make changes to this bug.