Core: stricter UTF-8 handling in ngx_utf8_decode().

An UTF-8 octet sequence cannot start with a 11111xxx byte (above 0xf8), see https://datatracker.ietf.org/doc/html/rfc3629#section-3. Previously, such bytes were accepted by ngx_utf8_decode() and misinterpreted as 11110xxx bytes (as in a 4-byte sequence). While unlikely, this can potentially cause issues. Fix is to explicitly reject such bytes in ngx_utf8_decode().
2024-11-21 16:28:40 +00:00 · 2023-02-23 08:09:50 +09:00 · 2023-02-23 08:09:50 +09:00 · 2c5fccd469
commit 2c5fccd469
parent 4ace957c4e
1 changed files with 6 additions and 1 deletions
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@ -1364,7 +1364,12 @@ ngx_utf8_decode(u_char **p, size_t n)

    u = **p;

-    if (u >= 0xf0) {
+    if (u >= 0xf8) {
+
+        (*p)++;
+        return 0xffffffff;
+
+    } else if (u >= 0xf0) {

        u &= 0x07;
        valid = 0xffff;