diff options
author | daurnimator <quae@daurnimator.com> | 2017-11-12 15:31:37 +1100 |
---|---|---|
committer | daurnimator <quae@daurnimator.com> | 2017-11-12 15:34:23 +1100 |
commit | 902d145793959ce0347b202303f8cb34223e6b04 (patch) | |
tree | 85d737a13511c01446626fa97cec97ecdfee0503 /src/defs.js | |
parent | be782a0b0313d3b23473b6fd08e08ffea20156be (diff) | |
download | fengari-902d145793959ce0347b202303f8cb34223e6b04.tar.gz fengari-902d145793959ce0347b202303f8cb34223e6b04.tar.bz2 fengari-902d145793959ce0347b202303f8cb34223e6b04.zip |
src/defs.js: Check for invalid continuation bytes
Diffstat (limited to 'src/defs.js')
-rw-r--r-- | src/defs.js | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/defs.js b/src/defs.js index ad79c67..01a48f5 100644 --- a/src/defs.js +++ b/src/defs.js @@ -157,19 +157,25 @@ const to_jsstring = function(value, from, to) { /* two byte sequence */ if (i >= to) throw RangeError("cannot convert invalid utf8 to javascript string"); let u1 = value[i++]; + if ((u1&0xC0) !== 0x80) throw RangeError("cannot convert invalid utf8 to javascript string"); u = ((u0 & 0x1F) << 6) + (u1 & 0x3F); } else if (u0 <= 0xEF) { /* three byte sequence */ if (i+1 >= to) throw RangeError("cannot convert invalid utf8 to javascript string"); let u1 = value[i++]; + if ((u1&0xC0) !== 0x80) throw RangeError("cannot convert invalid utf8 to javascript string"); let u2 = value[i++]; + if ((u2&0xC0) !== 0x80) throw RangeError("cannot convert invalid utf8 to javascript string"); u = ((u0 & 0x0F) << 12) + ((u1 & 0x3F) << 6) + (u2 & 0x3F); } else { /* four byte sequence */ if (i+2 >= to) throw RangeError("cannot convert invalid utf8 to javascript string"); let u1 = value[i++]; + if ((u1&0xC0) !== 0x80) throw RangeError("cannot convert invalid utf8 to javascript string"); let u2 = value[i++]; + if ((u2&0xC0) !== 0x80) throw RangeError("cannot convert invalid utf8 to javascript string"); let u3 = value[i++]; + if ((u3&0xC0) !== 0x80) throw RangeError("cannot convert invalid utf8 to javascript string"); u = ((u0 & 0x07) << 18) + ((u1 & 0x3F) << 12) + ((u2 & 0x3F) << 6) + (u3 & 0x3F); } str += String.fromCodePoint(u); |