#16336: fix input checking in the surrogatepass error handler. Patch by Serhiy Storchaka.

5044d9be · Ezio Melotti · ae24bce9 · 5044d9be · 5044d9be · 5044d9be
Commit 5044d9be authored Nov 03, 2012 by Ezio Melotti
Show whitespace changes
Inline Side-by-side

Showing with 9 additions and 4 deletions

Lib/test/test_codecs.py Lib/test/test_codecs.py +2 -0

Misc/NEWS Misc/NEWS +3 -0

Python/codecs.c Python/codecs.c +4 -4

No files found.
--- a/Lib/test/test_codecs.py
+++ b/Lib/test/test_codecs.py
@@ -647,6 +647,8 @@ class UTF8Test(ReadTest):
        self.assertTrue(codecs.lookup_error("surrogatepass"))
        with self.assertRaises(UnicodeDecodeError):
            b"abc\xed\xa0".decode("utf-8", "surrogatepass")
+        with self.assertRaises(UnicodeDecodeError):
+            b"abc\xed\xa0z".decode("utf-8", "surrogatepass")
 class UTF7Test(ReadTest):
    encoding = "utf-7"

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -10,6 +10,9 @@ What's New in Python 3.2.4
 Core and Builtins
 -----------------
+- Issue #16336: fix input checking in the surrogatepass error handler.
+  Patch by Serhiy Storchaka.
 - Issue #8401: assigning an int to a bytearray slice (e.g. b[3:4] = 5) now
  raises an error.

--- a/Python/codecs.c
+++ b/Python/codecs.c
@@ -821,10 +821,10 @@ PyCodec_SurrogatePassErrors(PyObject *exc)
        /* Try decoding a single surrogate character. If
           there are more, let the codec call us again. */
        p += start;
-        if (strlen(p) > 2 &&
+        if (PyBytes_GET_SIZE(object) - start >= 3 &&
-            ((p[0] & 0xf0) == 0xe0 ||
+            (p[0] & 0xf0) == 0xe0 &&
-             (p[1] & 0xc0) == 0x80 ||
+            (p[1] & 0xc0) == 0x80 &&
-             (p[2] & 0xc0) == 0x80)) {
+            (p[2] & 0xc0) == 0x80) {
            /* it's a three-byte code */
            ch = ((p[0] & 0x0f) << 12) + ((p[1] & 0x3f) << 6) + (p[2] & 0x3f);
            if (ch < 0xd800 || ch > 0xdfff)