author | Tobias Markmann <tm@ayena.de> | 2015-09-17 08:14:57 (GMT) |
---|---|---|
committer | Swift Review <review@swift.im> | 2015-10-16 10:38:19 (GMT) |
commit | 3a2b966711dbe6fa937c485d7ad56916219badb2 (patch) | |
tree | 30e9f30bc3f2a3ca6b4ed0c5c11f4ae0703485d0 /Swiften/IDN/LibIDNConverter.cpp | |
parent | 582ca915b5b82ada46d1183a7b882455ee01b7b1 (diff) | |
Add UTF-8 validation function and validate input to libIDN functions
This is required to protect against the CVE-2015-2059 vulnerability in
libIDN.
Test-Information:
Added unit tests for UTF-8 validation and tested that existing unit
tests still pass.
Change-Id: I0a94136894c6e0004081456c59155a78a3dabf5f
Diffstat (limited to 'Swiften/IDN/LibIDNConverter.cpp')
-rw-r--r-- | Swiften/IDN/LibIDNConverter.cpp | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/Swiften/IDN/LibIDNConverter.cpp b/Swiften/IDN/LibIDNConverter.cpp
index f36929a..78303b1 100644
--- a/Swiften/IDN/LibIDNConverter.cpp
+++ b/Swiften/IDN/LibIDNConverter.cpp
@@ -1,25 +1,28 @@
 /*
- * Copyright (c) 2012-2013 Isode Limited.
+ * Copyright (c) 2012-2015 Isode Limited.
 * All rights reserved.
 * See the COPYING file for more information.
 */
 #include <Swiften/IDN/LibIDNConverter.h>
 extern "C" {
 #include <stringprep.h>
 #include <idna.h>
 }
-#include <vector>
 #include <cassert>
 #include <cstdlib>
+#include <vector>
+
+#include <boost/shared_ptr.hpp>
+
 #include <Swiften/Base/ByteArray.h>
 #include <Swiften/Base/SafeAllocator.h>
-#include <boost/shared_ptr.hpp>
+#include <Swiften/IDN/UTF8Validator.h>
 using namespace Swift;
 namespace {
 static const int MAX_STRINGPREP_SIZE = 1024;
@@ -34,12 +37,16 @@ namespace {
 return 0;
 }
 template<typename StringType, typename ContainerType>
 ContainerType getStringPreparedInternal(const StringType& s, IDNConverter::StringPrepProfile profile) {
 ContainerType input(s.begin(), s.end());
+ if (!UTF8IsValid(s.data(), s.size())) {
+ return ContainerType();
+ }
+
 input.resize(MAX_STRINGPREP_SIZE);
 if (stringprep(&input[0], MAX_STRINGPREP_SIZE, static_cast<Stringprep_profile_flags>(0), getLibIDNProfile(profile)) == 0) {
 return input;
 }
 else {
 return ContainerType(); |
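Review bot: The new `UTF8IsValid(s.data(), s.size())` check in `getStringPreparedInternal` validates all of `s`, but `stringprep` is handed `input` only after `input.resize(MAX_STRINGPREP_SIZE)`, so an input of 1024 bytes or more is truncated between the check and the call. Truncation can cut a multi-byte sequence in half and, assuming `ContainerType` is a vector-like byte container, leaves the buffer without a terminating NUL, which puts the malformed-UTF-8 case this commit guards against (CVE-2015-2059) back in front of libIDN. Rejecting over-long input in the same guard would close that gap: `if (s.size() >= static_cast<size_t>(MAX_STRINGPREP_SIZE) || !UTF8IsValid(s.data(), s.size())) {`. Moving the guard above `ContainerType input(s.begin(), s.end());` would also avoid copying data that is about to be discarded. The function's closing lines fall outside the hunk.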