Closed Bug 35004 Opened 24 years ago Closed 24 years ago

UTF-8 converter stops conversion after encountering invalid characters

Categories

(MailNews Core :: Internationalization, defect, P3)

Product:
MailNews Core
Component:
Internationalization
Platform:
x86
Linux
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: jmdesp, Assigned: ftang)

References

(
URL
)

Details

(Keywords: polish, Whiteboard: [nsbeta3+]patch reviewed, wait for tree open to check in.)

Attachments

(3 files)

test case
4.89 KB, text/plain
Details
Screen shot of the test case view after Frank's patch
140.78 KB, image/jpeg
Details
Proposed fix
564 bytes, patch
Details | Diff | Splinter Review 
Mozilla stops displaying after reading invalid utf-8 bit characters.
Example String is "Subject: Re: [utf_fr] Re: [FAQ] Comment lire et écrire"

The story : I received an email in utf-8 from an OE user that had illegally some
UTF8 characters in headers. (it probably has been converted from QP to 8 bit by
an auto-converter)

This one displays correctly.

I've read it with NS 4.72, and answered back, resulting in invalid UTF-8
characters in the header as well as in the body of the message.
As this message is in a mailing list, I got it back home and I just can't read
the resulting mail in NS 6 PR1.

The message windows stops displaying when it encourter the first invalid
character both in the body and header.

I saved the mail and opened the file in browser.
In ISO-8859-1 the whole content is displayed.
In UTF-8, the display stops after first invalid character.

I include the file in wich I saved the mail as an attachment.
When displaying it, switching to UTF-8 encoding should show the bug.
Attached file test case 

    
    

    
  
Thanks to the string I included earlier,the bug page too will show the problem
if you switch to utf-8.
Disabled auto-detection of charset during the display of the test page if you
want to see the problem. I had it set and it would try to display my page as
japanese, even when telling it's utf-8.

By the way, under NS 4.72 in the sample, the header is not displayed correctly,
but the body has no problem.




    
    

    
  
I can reproduce both in mail and browser.
Status: UNCONFIRMED → NEW
Ever confirmed: true

    
    

    
  
Looks like this is a converter problem.
You can reproduce it by viewing the attachment of this bug in browser.
Reassign to cata and cc to ftang.
Assignee: nhotta → cata

    
  
Status: NEW → ASSIGNED
Target Milestone: --- → M18

    
    

    
  
If you have read the story part in my comment, you have seen the incorrect UTF-8 
data was generated by NS 4.72.
Indeed I have just found out that NS 4.72 incorrectly encodes the character "à" 
as C3 20 instead of C3 A0. (C3 20 is not just wrong, it's a forbidden sequence 
in UTF-8).
So in an environment where both NS 4.72 and NS 6/Mozilla are used, such invalid 
UTF-8 data will be encountered quite often.
I have reported this bug on the newsgroup netscape.communicator, but Mozilla 
will probably have to accept (or at least behave nicely with) those invalid 
characters.


    
    

    
  
This looks similar to #25037. Maybe they are the same or depend on each other.
Can somebody take a look?

    
    

    
  
No, this bug is not the same as Bug 25037. That bug was a temporary 
regression and was fixed. This one still occurs and is attributable to a different cause.

    
  
Keywords: nsbeta3, 
          
            polish

    
    

    
  
Reassinging to myself.
Assignee: cata → ftang
Status: ASSIGNED → NEW

    
    

    
  
mark as assign

Status: NEW → ASSIGNED

    
    

    
  
nhotta- pleaes take a look at it since the problem is in MailNews
the converter should stop and report error when it hit illegal UTF8. The caller 
should do error handling nicer. In the brwoser, what I do is *eat* one byte , 
reset the decoder and then continue. 
Assignee: ftang → nhotta
Status: ASSIGNED → NEW

    
  
Status: NEW → ASSIGNED

    
  
Keywords: mailtrack

    
    

    
  
nsbeta3- per i18n bug meeting. This will only impact UTF8 mail, right ? how many 
people send illegal UTF-8 mail ?
Whiteboard: nsbeta3-

    
    

    
  
This affects more than just mail, this affects all UTF-8 content.  This has 
potential security implications, as it may be possible to get malicious content 
past input validators.

Whiteboard: nsbeta3-

    
    

    
  
F. Tang, please consider my 2000-05-02 06:54 comment.
Every user of NS 4.xx will frequently send invalid data when trying to use UTF-8 
in mail or news, because a OxA0 in the sequence will get replaced by 0x20. This 
also happens with a greek character.
The browser behaviour (eat one byte, reset) sounds adequate.
It shouldn't take very long to implement that in mail/news ?

    
    

    
  
Need more information.  Ftang to investigate.

    
    

    
  
About that NS 4.xx bug generating invalid utf-8 : The greek character concerned 
is capital pi (CE A0 in utf-8), as also the unicode character 01A0 (C6 A0).
I suspect NS 4.xx destroys utf-8 characters every time they end with A0.
It's still happening with NS 4.75.

    
    

    
  
I filed a Browser bug, Bug 50049, which seems to be due to the same weakness in our
code. The point of the other bug is that this problem manifests in more ways than just in
mis-created mail messages and that we should reallt fix this problem for beta3. 
jgmyers also mentions another possible way in which the weakness can be exploited
and the test cases above.

    
    

    
  
Marking nsbeta3+ per I18N Bug Triage. Fix this is Browser and Mail.
Whiteboard: [nsbeta3+]

    
    

    
  
So fix for mail and browser? Then we better change UTF-8 decoder.

    
    

    
  
we may need to change both the decoder and the caller. 
The following fix make the Browser do not display as blank. However, I think 
some of the caller still need to do error handling .
also in http://warp/u/ftang/tmp/fix35004.txt

Index: nsUTF8ToUnicode.cpp
===================================================================
RCS file: /m/pub/mozilla/intl/uconv/ucvlatin/nsUTF8ToUnicode.cpp,v
retrieving revision 1.7
diff -u -r1.7 nsUTF8ToUnicode.cpp
--- nsUTF8ToUnicode.cpp 2000/04/25 13:50:41     1.7
+++ nsUTF8ToUnicode.cpp 2000/08/26 07:53:30
@@ -85,7 +85,7 @@
 
    nsresult res;       // conversion result
 
-   for(in=aSrc,out=aDest,res=nsnull;((in < inend) && (out < outend)); in++)
+   for(in=aSrc,out=aDest,res=NS_OK;((in < inend) && (out < outend)); in++)
    {
       if(0 == mState) {
          if( 0 == (0x80 & (*in))) {
@@ -138,7 +138,7 @@
                         if(0 == --mState)
              {
                  if(mUcs4 >= 0x00010000) {
-                    if(mUcs4 >= 0x001F0000) {
+                    if(mUcs4 >= 0x00110000) {
                       *out++ = 0xFFFD;
                     } else {
                       mUcs4 -= 0x00010000;
@@ -168,11 +168,13 @@
    }
 
    //output not finished, output buffer too short
-   if ((in < inend) && (out >= outend)) res = NS_OK_UDEC_MOREOUTPUT;
+   if((NS_OK == res) && (in < inend) && (out >= outend)) 
+       res = NS_OK_UDEC_MOREOUTPUT;
 
    //last USC4 is incomplete, make sure the caller 
    //returns with properly aligned continuation of the buffer
-   if (mState != 0) res = NS_OK_UDEC_MOREINPUT;
+   if ((NS_OK == res) && (mState != 0))
+       res = NS_OK_UDEC_MOREINPUT;
 
    *aSrcLength = in - aSrc;
    *aDestLength  = out - aDest;

the above patch also partial fix 41425.
can some one give me a full list of problem area. Then we can test it. My patch 
fix the browser show blank issue. It won't treat the 0x20 as 0xA0. It will 
CONTINUE. What other places have this issue. can this fix it ? If not, we should  
know why, maybe we need to add code to the caller also.

    
  
Whiteboard: [nsbeta3+] → [nsbeta3+]Possible patch in hand. Need code review and verify with other cases

    
    

    
  
With my latest patch, I can see 
http://www.cl.cam.ac.uk/~mgk25/ucs/examples/UTF-8-test.txt
at least. The showing may not be as the expect result as the author wrote.

    
    

    
  
Is bug 50459 a duplicate of this one?

    
    

    
  
You did the analyze, R.K.Aa 2 : bug 50459 is not fully a duplicate, but it shows 
that if ever something is interpreted in utf-8 when it shouldn't be, this bug 
increases the problem.

I consider the behaviour of not interprating 0x20 as 0xA0 as adequate, users of 
NS 4.x who need utf-8 and adequate i18n support, really should update to version 
6 anyway. By continuing, the content of the mail/web page should be 
interpretable, even if not fully correct.

    
    

    
  
The mail view of the test case does not stop and continues conversion after 
Frank's patch, reassign to him.

Assignee: nhotta → ftang
Status: ASSIGNED → NEW

    
    

    
  
I think the result is great.
I thought you were goind to eat the missing character, but replacing it by a 
question mark is better.
Just one room for enhancement : There should be a visual difference between an 
invalid character and a character that can't be displayed because the font is 
missing.
Was the last resort font mecanism finally incorporated inside Mozilla ?
(this was discussed in the thread named Request for review on fix of #35910 - 
PostScript printing error, on netscape.public.mozilla.i18n in april).

    
  
Status: NEW → ASSIGNED
Whiteboard: [nsbeta3+]Possible patch in hand. Need code review and verify with other cases → [nsbeta3+]patch reviewed, wait for tree open to check in.

    
    

    
  
fix and check in.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED

    
    

    
  
Per the testcase URL, the converter still eats one character following an
incomplete UTF-8 sequence.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---

    
    

    
  

      
      
      
      

        Attached patch
          
          
        Proposed fixSplinter Review
      

    


  

    
    

    
  
check in the new fix john proposed
Status: REOPENED → ASSIGNED

    
    

    
  
fix check in.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago24 years ago
Resolution: --- → FIXED

    
    

    
  
QA contact to marina.
Please use the test case by jean-Marc
and see if the problem occurs any more
QA Contact: momoi → marina

    
    

    
  
I tried with build 2000091021.
My test case displays as expected. The "à" character becomes "? ".
It doesn't look very great for this test sample, but it's probably the standard
way  it has to be done.

I also watched the test case of Marcus Kuhn.
It works quite good exept that it accepts invalid characters representation of
for example the character "/". This _might_ mean a security problem if some day
this decoder is used for something else than displaying ("decoding an utf-8
sequence before doing file access").

The last resort font mecanism is not implemented in Mozilla as I see.

Invalid UTF-8 should be diplayed in a way that's different from the way a
character that can not be found in the current font is displayed.


    
    

    
  
The "accepting invalid overlong sequences" problem is bug 50702.


    
    

    
  
And what about opening a bug about the fact "invalid" and "not found in
available fonts" characters are displayed the same ?

It would link to "last resort font" references for suggestions about the way the
characters that are not found in the available fonts are displayed.

    
    

    
  
i see the correct display in 2000-09-20 build, verifying as fixed
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: