Reject overlong UTF-8 sequences

2020-10-21 04:52:24 +02:00
parent 69101eb155
commit b08cf6c29f
2 changed files with 11 additions and 4 deletions
--- a/liberty.c
+++ b/liberty.c
@@ -2753,6 +2753,11 @@ utf8_decode (const char **s, size_t len)

 	// Check the rest of the sequence
 	uint32_t cp = *p++ & ~mask;
+
+	// Overlong sequence (possibly MUTF-8, not supported)
+	if (!cp && sequence_len)
+		return -1;
+
 	while (sequence_len && --sequence_len)
 	{
 		if (p == end)