Core: stricter UTF-8 handling in ngx_utf8_decode().

An UTF-8 octet sequence cannot start with a 11111xxx byte (above 0xf8),
see https://datatracker.ietf.org/doc/html/rfc3629#section-3.  Previously,
such bytes were accepted by ngx_utf8_decode() and misinterpreted as 11110xxx
bytes (as in a 4-byte sequence).  While unlikely, this can potentially cause
issues.

Fix is to explicitly reject such bytes in ngx_utf8_decode().
This commit is contained in:
Yugo Horie 2023-02-23 08:09:50 +09:00
parent 4ace957c4e
commit 2c5fccd469

View File

@ -1364,7 +1364,12 @@ ngx_utf8_decode(u_char **p, size_t n)
u = **p; u = **p;
if (u >= 0xf0) { if (u >= 0xf8) {
(*p)++;
return 0xffffffff;
} else if (u >= 0xf0) {
u &= 0x07; u &= 0x07;
valid = 0xffff; valid = 0xffff;