From 0ab55e29dea0f87d979f31f690c1681c450c3b0d Mon Sep 17 00:00:00 2001
From: Dmitry Volyntsev
Date: Mon, 8 Jan 2024 22:20:19 -0800
Subject: [PATCH] Avoiding arithmetic operations with NULL pointer in TextDecoder().
Found by UndefinedBehaviorSanitizer.
---
 src/njs_encoding.c | 2 +-
 src/njs_utf8.c | 28 +++++++++++++++-------------
 2 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/src/njs_encoding.c b/src/njs_encoding.c
index 649adf70..98a73338 100644
--- a/src/njs_encoding.c
+++ b/src/njs_encoding.c
@@ -543,7 +543,7 @@ njs_text_decoder_decode(njs_vm_t *vm, njs_value_t *args, njs_uint_t nargs,
 /* Looking for BOM. */
- if (!data->ignore_bom) {
+ if (start != NULL && !data->ignore_bom) {
 start += njs_utf8_bom(start, end);
 }
diff --git a/src/njs_utf8.c b/src/njs_utf8.c
index bce8be84..980a4497 100644
--- a/src/njs_utf8.c
+++ b/src/njs_utf8.c
@@ -361,25 +361,27 @@ njs_utf8_stream_length(njs_unicode_decode_t *ctx, const u_char *p, size_t len,
 size = 0;
 length = 0;
- end = p + len;
+ if (p != NULL) {
+ end = p + len;
- while (p < end) {
- codepoint = njs_utf8_decode(ctx, &p, end);
+ while (p < end) {
+ codepoint = njs_utf8_decode(ctx, &p, end);
- if (codepoint > NJS_UNICODE_MAX_CODEPOINT) {
- if (codepoint == NJS_UNICODE_CONTINUE) {
- break;
- }
+ if (codepoint > NJS_UNICODE_MAX_CODEPOINT) {
+ if (codepoint == NJS_UNICODE_CONTINUE) {
+ break;
+ }
- if (fatal) {
- return -1;
+ if (fatal) {
+ return -1;
+ }
+
+ codepoint = NJS_UNICODE_REPLACEMENT;
 }
- codepoint = NJS_UNICODE_REPLACEMENT;
+ size += njs_utf8_size(codepoint);
+ length++;
 }
-
- size += njs_utf8_size(codepoint);
- length++;
 }
 if (last && ctx->need != 0x00) {
-- 
2.47.3
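Review bot: The added `start != NULL` test in the BOM check records nothing about why `start` can be NULL here, so a later reader may drop it as redundant; a one-line comment above the condition such as `/* A zero-length input may carry a NULL data pointer; skip BOM detection rather than do NULL arithmetic (flagged by UBSan). */` pins the intent. The guard also implicitly relies on `end` equalling `start` in that case — presumably how `end` is derived above the hunk, which is outside this view — so if a NULL `start` paired with a non-NULL `end` were ever possible, the BOM would be silently skipped instead of the input being rejected. njs_text_decoder_decode begins before and continues after the hunk.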
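Review bot: With the decode loop now nested under `if (p != NULL)`, `end` is assigned only on that path, so any use of `end` after the block — the remainder of njs_utf8_stream_length is outside this hunk — would read an uninitialized pointer when `p` is NULL; initializing it with the other locals, `end = NULL;` next to `size = 0; length = 0;`, or a comment stating that `end` is not used past the block, closes that gap. The new guard also treats a NULL `p` as an empty stream regardless of `len`, which is worth stating on the `if`: `/* A NULL p denotes an empty stream (len is ignored); avoid NULL + len, flagged by UBSan. */`. Re-indenting the whole loop body makes this hunk read as a rewrite; a `p == NULL` early path with the loop left in place would have kept the change to two lines, at the cost of a second exit point.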