Closed Bug 1396616 Opened 7 years ago Closed 3 years ago

nssUTF8_Length checks for obsolete UTF-8 byte sequences

Categories

(NSS :: Libraries, enhancement, P3)

Product:
NSS
Component:
Libraries
Version:
3.33
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: hsivonen, Assigned: emk)

References

Details

Attachments

(1 file)

Bug 1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun. r?#nss-reviewers
48 bytes, text/x-phabricator-request
Details | Review
https://searchfox.org/mozilla-central/source/security/nss/lib/base/utf8.c#296 nssUTF8_Length checks for lead bytes for five and six-byte UTF-8 sequences, which have been defined out of existence. (RFC 2044 has been obsoleted by RFC 3629.) Additional observations: The code only works correctly if input is valid UTF-8. If PEDANTIC is defined, the code validates that leads are followed by the expected number of trails but doesn't check that the byte sequences are otherwise permissible. I.e. even with PEDANTIC defined, the code doesn't reject overlong forms, surrogates or values above the Unicode range.
Priority: -- → P3
Attachment #9265626 - Attachment description: Bug 1396616 - Update nssUTF8_Length to RFC 3629 andd fix buffer overrun. r?#nss-reviewers → Bug 1396616 - Update nssUTF8_Length to RFC 3629 and fix buffer overrun. r?#nss-reviewers
Assignee: nobody → VYV03354
Status: NEW → ASSIGNED
Blocks: 1757279

https://hg.mozilla.org/projects/nss/rev/2f2c85648edbda8312bcb8e10ed0180e65ecc83f

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.77
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: