Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 45c4149

Browse files
committed
bounds check for bad data (thanks amaury)
1 parent a20879f commit 45c4149

2 files changed

Lines changed: 6 additions & 3 deletions

File tree

Lib/test/test_codecs.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -645,6 +645,8 @@ def test_surrogatepass_handler(self):
645645
self.assertEqual(b"abc\xed\xa0\x80def".decode("utf-8", "surrogatepass"),
646646
"abc\ud800def")
647647
self.assertTrue(codecs.lookup_error("surrogatepass"))
648+
with self.assertRaises(UnicodeDecodeError):
649+
b"abc\xed\xa0".decode("utf-8", "surrogatepass")
648650

649651
class UTF7Test(ReadTest):
650652
encoding = "utf-7"

Python/codecs.c

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -821,9 +821,10 @@ PyCodec_SurrogatePassErrors(PyObject *exc)
821821
/* Try decoding a single surrogate character. If
822822
there are more, let the codec call us again. */
823823
p += start;
824-
if ((p[0] & 0xf0) == 0xe0 ||
825-
(p[1] & 0xc0) == 0x80 ||
826-
(p[2] & 0xc0) == 0x80) {
824+
if (strlen(p) > 2 &&
825+
((p[0] & 0xf0) == 0xe0 ||
826+
(p[1] & 0xc0) == 0x80 ||
827+
(p[2] & 0xc0) == 0x80)) {
827828
/* it's a three-byte code */
828829
ch = ((p[0] & 0x0f) << 12) + ((p[1] & 0x3f) << 6) + (p[2] & 0x3f);
829830
if (ch < 0xd800 || ch > 0xdfff)

0 commit comments

Comments
 (0)