Re: [Bug-wget] [PATCH] the libidn problem


From: Tim Ruehsen
Subject: Re: [Bug-wget] [PATCH] the libidn problem
Date: Tue, 30 Jun 2015 14:47:13 +0200
User-agent: KMail/4.14.2 (Linux/4.0.0-2-amd64; KDE/4.14.2; x86_64; ; )

On Tuesday 30 June 2015 11:09:06 Hubert Tarasiuk wrote:
> +  while (*s)
> +    {
> +      if ((*s & 0x80) == 0) /* 0xxxxxxx ASCII char */
> +        s++;
> +      else if ((*s & 0xE0) == 0xC0) /* 110xxxxx 10xxxxxx */
> +        {
> +          if ((s[1] & 0xC0) != 0x80)
> +            return false;
> +          s+=2;
> +        }
> +      else if ((*s & 0xF0) == 0xE0) /* 1110xxxx 10xxxxxx 10xxxxxx */
> +        {
> +          if ((s[1] & 0xC0) != 0x80 || (s[2] & 0xC0) != 0x80)
> +            return false;
> +          s+=3;
> +        }
> +      else if ((*s & 0xF8) == 0xF0) /* 11110xxx 10xxxxxx 10xxxxxx
> 10xxxxxx */
> +        {
> +          if ((s[1] & 0xC0) != 0x80 || (s[2] & 0xC0) != 0x80 || (s[3] &
> 0xC0) != 0x80)
> +            return false;
> +          s+=4;
> +        }
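Review bot: The if/else-if chain inside the `while (*s)` loop has no final `else`, so a byte that matches none of the four lead-byte masks (a stray continuation byte 10xxxxxx, or anything from 0xF8 up) never advances `s` and the loop does not terminate; end the chain with `else return false;`. Separately, the masks check only the shape of each sequence, so overlong forms (lead bytes 0xC0 and 0xC1, or 0xE0 followed by 0x80), UTF-16 surrogates (0xED followed by 0xA0 or higher) and lead bytes 0xF5 to 0xF7 all pass. If the caller needs strictly valid UTF-8, add range checks on the lead byte and the second byte; if structural validity is enough here, a comment saying so would help.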
> I think here should go another else like this: else { return false; }.
> Otherwise it can loop forever if none of the conditions matches (eg.
> '\xba').

Thanks Hubert, good catch.

I add the amended patch for completeness.

Tim

Attachment: 0001-Work-around-a-libidn-1.30-vulnerability.patch
Description: Text Data
