1 /*************************************************
2 * Perl-Compatible Regular Expressions *
3 *************************************************/
4
5 /* PCRE is a library of functions to support regular expressions whose syntax
6 and semantics are as close as possible to those of the Perl 5 language.
7
8 Written by Philip Hazel
9 Copyright (c) 1997-2013 University of Cambridge
10
11 -----------------------------------------------------------------------------
12 Redistribution and use in source and binary forms, with or without
13 modification, are permitted provided that the following conditions are met:
14
15 * Redistributions of source code must retain the above copyright notice,
16 this list of conditions and the following disclaimer.
17
18 * Redistributions in binary form must reproduce the above copyright
19 notice, this list of conditions and the following disclaimer in the
20 documentation and/or other materials provided with the distribution.
21
22 * Neither the name of the University of Cambridge nor the names of its
23 contributors may be used to endorse or promote products derived from
24 this software without specific prior written permission.
25
26 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
27 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29 ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
30 LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 POSSIBILITY OF SUCH DAMAGE.
37 -----------------------------------------------------------------------------
38 */
39
40
41 /* This module contains an internal function for validating UTF-8 character
42 strings. */
43
44 /* %ExternalCopyright% */
45
46 #ifdef HAVE_CONFIG_H
47 #include "config.h"
48 #endif
49
50 #include "pcre_internal.h"
51
52
53 /*************************************************
54 * Validate a UTF-8 string *
55 *************************************************/
56
57 /* This function is called (optionally) at the start of compile or match, to
58 check that a supposed UTF-8 string is actually valid. The early check means
59 that subsequent code can assume it is dealing with a valid string. The check
60 can be turned off for maximum performance, but the consequences of supplying an
61 invalid string are then undefined.
62
63 Originally, this function checked according to RFC 2279, allowing for values in
64 the range 0 to 0x7fffffff, up to 6 bytes long, but ensuring that they were in
65 the canonical format. Once somebody had pointed out RFC 3629 to me (it
66 obsoletes 2279), additional restrictions were applied. The values are now
67 limited to be between 0 and 0x0010ffff, no more than 4 bytes long, and the
68 subrange 0xd000 to 0xdfff is excluded. However, the format of 5-byte and 6-byte
69 characters is still checked.
70
71 From release 8.13 more information about the details of the error are passed
72 back in the returned value:
73
74 PCRE_UTF8_ERR0 No error
75 PCRE_UTF8_ERR1 Missing 1 byte at the end of the string
76 PCRE_UTF8_ERR2 Missing 2 bytes at the end of the string
77 PCRE_UTF8_ERR3 Missing 3 bytes at the end of the string
78 PCRE_UTF8_ERR4 Missing 4 bytes at the end of the string
79 PCRE_UTF8_ERR5 Missing 5 bytes at the end of the string
80 PCRE_UTF8_ERR6 2nd-byte's two top bits are not 0x80
81 PCRE_UTF8_ERR7 3rd-byte's two top bits are not 0x80
82 PCRE_UTF8_ERR8 4th-byte's two top bits are not 0x80
83 PCRE_UTF8_ERR9 5th-byte's two top bits are not 0x80
84 PCRE_UTF8_ERR10 6th-byte's two top bits are not 0x80
85 PCRE_UTF8_ERR11 5-byte character is not permitted by RFC 3629
86 PCRE_UTF8_ERR12 6-byte character is not permitted by RFC 3629
87 PCRE_UTF8_ERR13 4-byte character with value > 0x10ffff is not permitted
88 PCRE_UTF8_ERR14 3-byte character with value 0xd000-0xdfff is not permitted
89 PCRE_UTF8_ERR15 Overlong 2-byte sequence
90 PCRE_UTF8_ERR16 Overlong 3-byte sequence
91 PCRE_UTF8_ERR17 Overlong 4-byte sequence
92 PCRE_UTF8_ERR18 Overlong 5-byte sequence (won't ever occur)
93 PCRE_UTF8_ERR19 Overlong 6-byte sequence (won't ever occur)
94 PCRE_UTF8_ERR20 Isolated 0x80 byte (not within UTF-8 character)
95 PCRE_UTF8_ERR21 Byte with the illegal value 0xfe or 0xff
96 PCRE_UTF8_ERR22 Unused (was non-character)
97
98 Arguments:
99 string points to the string
100 length length of string, or -1 if the string is zero-terminated
101 errp pointer to an error position offset variable
102
103 Returns: = 0 if the string is a valid UTF-8 string
104 > 0 otherwise, setting the offset of the bad character
105 */
106
107 int
PRIV(valid_utf)108 PRIV(valid_utf)(PCRE_PUCHAR string, int length, int *erroroffset)
109 {
110
111 #if defined(ERLANG_INTEGRATION)
112 return PRIV(yielding_valid_utf)(string, length, erroroffset, NULL);
113 }
114
115 int
PRIV(yielding_valid_utf)116 PRIV(yielding_valid_utf)(PCRE_PUCHAR string, int length, int *erroroffset, struct PRIV(valid_utf_ystate) *ystate)
117 {
118 #endif
119
120 #ifdef SUPPORT_UTF
121 register PCRE_PUCHAR p;
122
123 #if defined(ERLANG_INTEGRATION)
124 register long cnt;
125
126 if (!ystate) {
127 cnt = -1;
128 }
129 else {
130 cnt = ystate->cnt;
131 if (ystate->yielded) {
132 p = ystate->p;
133 length = ystate->length;
134 if (length < 0)
135 goto restart_length;
136 else
137 goto restart_validate;
138 }
139 }
140 #endif
141
142 if (length < 0)
143 {
144 for (p = string; *p != 0; p++) {
145 #if defined(ERLANG_INTEGRATION)
146 if (cnt > 0 && --cnt == 0) {
147 /*
148 * Return with cnt set to amount consumed;
149 * i.e. same amount as at start...
150 */
151 ystate->yielded = !0;
152 ystate->length = length;
153 ystate->p = p;
154 return PCRE_UTF8_YIELD;
155 }
156 restart_length:
157 (void) !0;
158 #endif
159 }
160 length = (int)(p - string);
161 }
162
163 for (p = string; length-- > 0; p++)
164 {
165 register pcre_uchar ab, c, d;
166
167 #if defined(ERLANG_INTEGRATION)
168
169 if (cnt > 0 && --cnt == 0) {
170 /*
171 * Return with cnt set to amount consumed;
172 * i.e. same amount as at start...
173 */
174 ystate->yielded = !0;
175 ystate->length = length;
176 ystate->p = p;
177 return PCRE_UTF8_YIELD;
178 }
179
180 restart_validate:
181
182 #endif
183
184 c = *p;
185 if (c < 128) continue; /* ASCII character */
186
187 if (c < 0xc0) /* Isolated 10xx xxxx byte */
188 {
189 *erroroffset = (int)(p - string);
190 return PCRE_UTF8_ERR20;
191 }
192
193 if (c >= 0xfe) /* Invalid 0xfe or 0xff bytes */
194 {
195 *erroroffset = (int)(p - string);
196 return PCRE_UTF8_ERR21;
197 }
198
199 ab = PRIV(utf8_table4)[c & 0x3f]; /* Number of additional bytes */
200 if (length < ab)
201 {
202 *erroroffset = (int)(p - string); /* Missing bytes */
203 return ab - length; /* Codes ERR1 to ERR5 */
204 }
205 length -= ab; /* Length remaining */
206
207 /* Check top bits in the second byte */
208
209 if (((d = *(++p)) & 0xc0) != 0x80)
210 {
211 *erroroffset = (int)(p - string) - 1;
212 return PCRE_UTF8_ERR6;
213 }
214
215 /* For each length, check that the remaining bytes start with the 0x80 bit
216 set and not the 0x40 bit. Then check for an overlong sequence, and for the
217 excluded range 0xd800 to 0xdfff. */
218
219 switch (ab)
220 {
221 /* 2-byte character. No further bytes to check for 0x80. Check first byte
222 for for xx00 000x (overlong sequence). */
223
224 case 1: if ((c & 0x3e) == 0)
225 {
226 *erroroffset = (int)(p - string) - 1;
227 return PCRE_UTF8_ERR15;
228 }
229 break;
230
231 /* 3-byte character. Check third byte for 0x80. Then check first 2 bytes
232 for 1110 0000, xx0x xxxx (overlong sequence) or
233 1110 1101, 1010 xxxx (0xd800 - 0xdfff) */
234
235 case 2:
236 if ((*(++p) & 0xc0) != 0x80) /* Third byte */
237 {
238 *erroroffset = (int)(p - string) - 2;
239 return PCRE_UTF8_ERR7;
240 }
241 if (c == 0xe0 && (d & 0x20) == 0)
242 {
243 *erroroffset = (int)(p - string) - 2;
244 return PCRE_UTF8_ERR16;
245 }
246 if (c == 0xed && d >= 0xa0)
247 {
248 *erroroffset = (int)(p - string) - 2;
249 return PCRE_UTF8_ERR14;
250 }
251 break;
252
253 /* 4-byte character. Check 3rd and 4th bytes for 0x80. Then check first 2
254 bytes for for 1111 0000, xx00 xxxx (overlong sequence), then check for a
255 character greater than 0x0010ffff (f4 8f bf bf) */
256
257 case 3:
258 if ((*(++p) & 0xc0) != 0x80) /* Third byte */
259 {
260 *erroroffset = (int)(p - string) - 2;
261 return PCRE_UTF8_ERR7;
262 }
263 if ((*(++p) & 0xc0) != 0x80) /* Fourth byte */
264 {
265 *erroroffset = (int)(p - string) - 3;
266 return PCRE_UTF8_ERR8;
267 }
268 if (c == 0xf0 && (d & 0x30) == 0)
269 {
270 *erroroffset = (int)(p - string) - 3;
271 return PCRE_UTF8_ERR17;
272 }
273 if (c > 0xf4 || (c == 0xf4 && d > 0x8f))
274 {
275 *erroroffset = (int)(p - string) - 3;
276 return PCRE_UTF8_ERR13;
277 }
278 break;
279
280 /* 5-byte and 6-byte characters are not allowed by RFC 3629, and will be
281 rejected by the length test below. However, we do the appropriate tests
282 here so that overlong sequences get diagnosed, and also in case there is
283 ever an option for handling these larger code points. */
284
285 /* 5-byte character. Check 3rd, 4th, and 5th bytes for 0x80. Then check for
286 1111 1000, xx00 0xxx */
287
288 case 4:
289 if ((*(++p) & 0xc0) != 0x80) /* Third byte */
290 {
291 *erroroffset = (int)(p - string) - 2;
292 return PCRE_UTF8_ERR7;
293 }
294 if ((*(++p) & 0xc0) != 0x80) /* Fourth byte */
295 {
296 *erroroffset = (int)(p - string) - 3;
297 return PCRE_UTF8_ERR8;
298 }
299 if ((*(++p) & 0xc0) != 0x80) /* Fifth byte */
300 {
301 *erroroffset = (int)(p - string) - 4;
302 return PCRE_UTF8_ERR9;
303 }
304 if (c == 0xf8 && (d & 0x38) == 0)
305 {
306 *erroroffset = (int)(p - string) - 4;
307 return PCRE_UTF8_ERR18;
308 }
309 break;
310
311 /* 6-byte character. Check 3rd-6th bytes for 0x80. Then check for
312 1111 1100, xx00 00xx. */
313
314 case 5:
315 if ((*(++p) & 0xc0) != 0x80) /* Third byte */
316 {
317 *erroroffset = (int)(p - string) - 2;
318 return PCRE_UTF8_ERR7;
319 }
320 if ((*(++p) & 0xc0) != 0x80) /* Fourth byte */
321 {
322 *erroroffset = (int)(p - string) - 3;
323 return PCRE_UTF8_ERR8;
324 }
325 if ((*(++p) & 0xc0) != 0x80) /* Fifth byte */
326 {
327 *erroroffset = (int)(p - string) - 4;
328 return PCRE_UTF8_ERR9;
329 }
330 if ((*(++p) & 0xc0) != 0x80) /* Sixth byte */
331 {
332 *erroroffset = (int)(p - string) - 5;
333 return PCRE_UTF8_ERR10;
334 }
335 if (c == 0xfc && (d & 0x3c) == 0)
336 {
337 *erroroffset = (int)(p - string) - 5;
338 return PCRE_UTF8_ERR19;
339 }
340 break;
341 }
342
343 /* Character is valid under RFC 2279, but 4-byte and 5-byte characters are
344 excluded by RFC 3629. The pointer p is currently at the last byte of the
345 character. */
346
347 if (ab > 3)
348 {
349 *erroroffset = (int)(p - string) - ab;
350 return (ab == 4)? PCRE_UTF8_ERR11 : PCRE_UTF8_ERR12;
351 }
352 }
353
354 #if defined(ERLANG_INTEGRATION)
355 if (ystate) {
356 /* Return with cnt set to amount consumed... */
357 ystate->cnt -= cnt;
358 ystate->yielded = 0;
359 }
360 #endif
361
362 #else /* Not SUPPORT_UTF */
363 (void)(string); /* Keep picky compilers happy */
364 (void)(length);
365 (void)(erroroffset);
366 #endif
367
368 return PCRE_UTF8_ERR0; /* This indicates success */
369 }
370
371 /* End of pcre_valid_utf8.c */
372