You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2012/12/27 23:52:45 UTC
svn commit: r1426356 - in /tomcat/trunk:
java/org/apache/tomcat/websocket/Utf8Decoder.java
test/org/apache/tomcat/websocket/TestUtf8.java
Author: markt
Date: Thu Dec 27 22:52:45 2012
New Revision: 1426356
URL: http://svn.apache.org/viewvc?rev=1426356&view=rev
Log:
Add early detection of invalid sequences - Autobahn tests now pass in full.
Modified:
tomcat/trunk/java/org/apache/tomcat/websocket/Utf8Decoder.java
tomcat/trunk/test/org/apache/tomcat/websocket/TestUtf8.java
Modified: tomcat/trunk/java/org/apache/tomcat/websocket/Utf8Decoder.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/tomcat/websocket/Utf8Decoder.java?rev=1426356&r1=1426355&r2=1426356&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/tomcat/websocket/Utf8Decoder.java (original)
+++ tomcat/trunk/java/org/apache/tomcat/websocket/Utf8Decoder.java Thu Dec 27 22:52:45 2012
@@ -99,6 +99,9 @@ public class Utf8Decoder extends Charset
return CoderResult.malformedForLength(1);
}
if (limit - pos < 1 + tail) {
+ // No early test for invalid sequences here as peeking
+ // at the next byte is harder (and Tomcat's WebSocket
+ // implementation always uses array backed buffers)
return CoderResult.UNDERFLOW;
}
int nextByte;
@@ -116,10 +119,14 @@ public class Utf8Decoder extends Charset
}
pos += tail;
}
- // Note: This is the additional test added
- if ((jchar >= 0xD800 && jchar <= 0xDFFF) || jchar > 0x10FFFF) {
+ // Apache Tomcat added test
+ if (jchar >= 0xD800 && jchar <= 0xDFFF) {
return CoderResult.unmappableForLength(3);
}
+ // Apache Tomcat added test
+ if (jchar > 0x10FFFF) {
+ return CoderResult.unmappableForLength(4);
+ }
if (jchar <= 0xffff) {
out.put((char) jchar);
outRemaining--;
@@ -162,6 +169,13 @@ public class Utf8Decoder extends Charset
return CoderResult.malformedForLength(1);
}
if (inIndexLimit - inIndex < 1 + tail) {
+ // Apache Tomcat added test - detects invalid sequence as
+ // early as possible
+ if (jchar == 0x74 && inIndexLimit > inIndex + 1) {
+ if ((bArr[inIndex + 1] & 0xFF) > 0x8F) {
+ return CoderResult.unmappableForLength(4);
+ }
+ }
break;
}
for (int i = 0; i < tail; i++) {
@@ -182,10 +196,14 @@ public class Utf8Decoder extends Charset
}
inIndex += tail;
}
- // Note: This is the additional test added
- if ((jchar >= 0xD800 && jchar <= 0xDFFF) || jchar > 0x10FFFF) {
+ // Apache Tomcat added test
+ if (jchar >= 0xD800 && jchar <= 0xDFFF) {
return CoderResult.unmappableForLength(3);
}
+ // Apache Tomcat added test
+ if (jchar > 0x10FFFF) {
+ return CoderResult.unmappableForLength(4);
+ }
if (jchar <= 0xffff) {
cArr[outIndex++] = (char) jchar;
outRemaining--;
Modified: tomcat/trunk/test/org/apache/tomcat/websocket/TestUtf8.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/test/org/apache/tomcat/websocket/TestUtf8.java?rev=1426356&r1=1426355&r2=1426356&view=diff
==============================================================================
--- tomcat/trunk/test/org/apache/tomcat/websocket/TestUtf8.java (original)
+++ tomcat/trunk/test/org/apache/tomcat/websocket/TestUtf8.java Thu Dec 27 22:52:45 2012
@@ -89,9 +89,7 @@ public class TestUtf8 {
@Test
public void testHarmonyDecoder2() {
- // Ideally should fail after 2 bytes (i==1) but that makes the decoder
- // a lot more complex to write
- doHarmonyDecoder(SRC_BYTES_2, true, 3);
+ doHarmonyDecoder(SRC_BYTES_2, true, 1);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org