bounds check for bad data (thanks amaury)

pjenvey · pjenvey · commit 45c41494bf49 · 2012-10-26T17:01:53.000-07:00
diff --git a/Lib/test/test_codecs.py b/Lib/test/test_codecs.py
@@ -645,6 +645,8 @@ def test_surrogatepass_handler(self):
         self.assertEqual(b"abc\xed\xa0\x80def".decode("utf-8", "surrogatepass"),
                          "abc\ud800def")
         self.assertTrue(codecs.lookup_error("surrogatepass"))
+        with self.assertRaises(UnicodeDecodeError):
+            b"abc\xed\xa0".decode("utf-8", "surrogatepass")
 
 class UTF7Test(ReadTest):
     encoding = "utf-7"
diff --git a/Python/codecs.c b/Python/codecs.c
@@ -821,9 +821,10 @@ PyCodec_SurrogatePassErrors(PyObject *exc)
         /* Try decoding a single surrogate character. If
            there are more, let the codec call us again. */
         p += start;
-        if ((p[0] & 0xf0) == 0xe0 ||
-            (p[1] & 0xc0) == 0x80 ||
-            (p[2] & 0xc0) == 0x80) {
+        if (strlen(p) > 2 &&
+            ((p[0] & 0xf0) == 0xe0 ||
+             (p[1] & 0xc0) == 0x80 ||
+             (p[2] & 0xc0) == 0x80)) {
             /* it's a three-byte code */
             ch = ((p[0] & 0x0f) << 12) + ((p[1] & 0x3f) << 6) + (p[2] & 0x3f);
             if (ch < 0xd800 || ch > 0xdfff)
